Hi
I am new in mikrotik OS (3 months) and i am very enthusiastic with this
I was implement three vrrp clusters in my company and throw out any
other firewall soft/hard in my first defence line.
I have some tunnels with static ip peers (about 190) in my two vpn MT clusters
What is to i achieve is to make connection from two isp’s to my vpn from
diferent static ip peers. If one Isp is down then the spoke is trying to establish a tunnel with my second vpn MT with backup interface of cisco
router.
The first vpn MT is to make tunnels from one Isp and the second vpn MT
is for other Isp.
I have make all the tunnels in first vpn MT with static ip address of peers
(eg. 64.32.56.x) and private ip address of lans (eg. 10.40.0.x)
Similar for second vpn MT (eg. 195.34.23.x) and lans (eg.10.40.0.x)
Behind them is a firewall MT to allow or deny remote lans in my resources
In this scenario i have static routes in firewall to private lans in tunnels.
This is a problem because if the tunnel in first vpn is drop and second vpn
is up it must change all the routes in my firewall.
Can i use BGP in tree MT’s so that when a tunnel in first vpn MT is drop
(because the Isp has problem), and the second vpn is up, the firewall MT
change the routes automaticaly to point in second vpn MT for remote lans ?
Thanks nikos