Hi Guys,
Below is my config, I have a current wan setup on ppoe 4km wiresless vdsl link (goes down due to solar occasionally)
I wish to add my at home on the lan adsl link 192.168.1.155 as a second Wan , with fall over so if Wan1 (solar vdsl) goes down, The users on the lan will still have internet untill the vdsl wan comes back up.
I would also like to lock some users to the adsl link only (wireless ap)
I have found and read lots of guides for setting up 2 x ppoe Wans but no luck for examples of my current config.
Once I get it running I would like to put some policy based routing in but that is secondary
Thanks
Jeremy
/interface bridge
add comment=“Internal Network” mtu=1500 name=bridge-local
/ip neighbor discovery
set bridge-local comment=“Internal Network”
/port
set 0 name=serial0
set 1 name=serial1
/ppp profile
add change-tcp-mss=yes name=ppp-wan
/interface pppoe-client
add add-default-route=yes dial-on-demand=yes disabled=no interface=ether2 max-mru=1492 max-mtu=1492 name=" Wan 1" password=******** profile=
ppp-wan use-peer-dns=yes user=jeremy***@sna***
/ip neighbor discovery
set " Wan 1" discover=no
/user group
add name=sniffer policy=ssh,read,!local,!telnet,!ftp,!reboot,!write,!policy,!test,!winbox,!password,!web,!sniff,!sensitive,!api
/interface bridge port
add bridge=bridge-local interface=ether3
add bridge=bridge-local interface=ether4
add bridge=bridge-local interface=ether5
add bridge=bridge-local interface=ether1
add bridge=bridge-local interface=ether6
add bridge=bridge-local interface=ether7
add bridge=bridge-local interface=ether8
/ip accounting
set enabled=yes threshold=2560
/ip accounting web-access
set accessible-via-web=yes address=192.168.1.3/32
/ip address
add address=192.168.1.1/16 interface=bridge-local network=192.168.0.0
add address=10.0.0.20/16 interface=ether2 network=10.0.0.0
add address=11.0.0.20/16 interface=ether3 network=11.0.0.0
/ip dns
set allow-remote-requests=yes cache-size=10000KiB
/ip dns static
add address=192.168.88.1 name=router
/ip firewall filter
add action=drop chain=input comment=“Drop Invalid connections” connection-state=invalid
add chain=input comment=“Allow Established connections” connection-state=established
add chain=input comment=“Allow ICMP” protocol=icmp
/ip firewall mangle
add action=change-mss chain=forward new-mss=1452 out-interface=" Wan 1" protocol=tcp tcp-flags=syn
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether2
add action=masquerade chain=srcnat out-interface=" Wan 1"
add action=dst-nat chain=dstnat dst-port=5000 in-interface=" Wan 1" protocol=tcp to-addresses=192.168.1.9 to-ports=5000
add action=dst-nat chain=dstnat dst-port=5050 in-interface=" Wan 1" protocol=udp to-addresses=192.168.1.9 to-ports=5050
/ip hotspot service-port
set ftp disabled=yes
/ip proxy
set always-from-cache=yes cache-administrator=web-proxy cache-on-disk=yes cache-path=micro-sd1/web-proxy1 parent-proxy=0.0.0.0
serialize-connections=yes
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
/ip upnp
set enabled=yes show-dummy-rule=no
/ip upnp interfaces
add interface=bridge-local type=internal
add interface=" Wan 1" type=external
/snmp
set enabled=yes trap-target=0.0.0.0 trap-version=2
/system clock
set time-zone-autodetect=no time-zone-name=Pacific/Auckland
/system ntp client
set enabled=yes primary-ntp=202.89.49.65 secondary-ntp=202.89.49.65
[admin@MikroTik] >