Hello all,
i want to configure a 2nd gateway on a mikrotik router so that when someone tries to access a certain IP address( not belonging to the subnet) they get routed through the 2nd gateway.
How do i achieve that ?
Should be doable with a dst-nat rule I think.
Need a bit more info from your side to give you a more exact answer though.
i have a cisco equippment with a certain IP address that has some other connections configured on it.
i have a mikrotik that holds my network and that is also my GW to internet.
Now i have a cable between CISCO and Mikrotik and i would like to configure a static routing so that either a certain IP from my network gets redirected to that cisco and use that as a GW or whomever from my network access a certain ip, gets directed through cisco.
this can be done in /ip route package
- “certain IP from my network gets redirected”: src based routing rule or mangling
- “whomever from my network access a certain ip” normal route definition with distance < default gw (0.0.0.0/0) or routing rule similar to above or mangling
for the “routing rule” you’ll need a separate routing table using other gw
mangling has some constraints & consequences, ex: no FastTrack
i understand partially.
for my example my subnet is 192.168.200.0/24
cisco is 192.168.200.5
i want when a user tries to connect to X.X.X.X to use cisco as GW…
i believe this is the option i should configure as for the other option i would leave the user without internet access.
also i will have light traffic to this route, so the consequences you mentioned shouldn’t be a problem
So how do i do this ?>
I was afraid you might say that.
Right now clients are directly connected to both routers: MT & Cisco. And it’s actually them that should make the decision…based on their internal routing tables.
It’s still possible to route traffic from Client over MT to Cisco, but will require src-nat-ing each connection.
Therefore, the easiest would be to “hang” cisco on Mikrotik directly, and not in client range .200.
Thank you for the reply.
The good news is theres only a couple of clients…
To be sure you understood.
My cisco does not assure internet connection .
Not all users need access to it.
The way its config is.. ISP ONT - 1 port Cisco ( for a “special” connection ..2 port internet acccess ..where my mikrotik goes. And a physical ethernet cable between mikrotik and cisco.
Mikrotik is my network with users. Now i need to offer some users access to that connection on cisco. I dont have access on the ISP device or cisco. …i only have a fixed ip on cisco matching my subnet.
Right now…cisco reponds to ping.
I just need to make another static route to say …all my users who want to go to X.X.X.X must use cisco’s ip as gateway.
Wouldn’t a simple
/ip route
add dst-address=X.X.X.X/M gateway=192.168.200.5
on routerboard do the trick? Clients would pass packets to routerboard as their default gateway. Routerboard would pass on to cisco packets intended for the configured destination. Returning packets would be delivered by cisco directly to clients. So be careful not to connection-track these packets or else routerboard’s connection tracking would end up in ruins.
If decission for taking the alternate route is based on more complex rules, then routing marks might be of some use.
Might be possible, I wondered about RP-filtering, but that should be ok.
You’ll need to allow traffic in filter / forward from LAN to LAN
Hello again,
Thank you all for your help.
It worked, but the other side of my connection was down. LOL .
Thank you all again.