I have 2 gateways that I can get to work; I just cannot seem to get the NAT to work with both of them. Failover would be nice, but at this point I would settle for both just working.
If I add to the route add 0 gateway=64.x.x2/25,67.x.x.126/29 it works, but only for ping, meaning I can ping the preferred IP addresses but cannot seem to add any other addresses. I have added i.e. 64.x.x.10/25.
Also, when I add the second gateway to the MT, my network connections seem to lag on the inbound telnet sessions. When I remove the second gateway, everything is very quick.
The telnet session will start, it just takes about 20-30 secs to start. Without the other gw it takes 1-2 seconds. This is on both local LAN and WAN connections.
OK, the first thing that seems to be way off is your dual gateway routing entry. Did you really enter “64.x.x2/25,67.x.x.126/29” for the gateway? This won’t work at all (and it would surprise me if the MikroTik would allow you to, but I can’t check at the moment), as those are address ranges - a gateway can only be a single IP address (without a netmask), so this could be “64.x.x.2,67.x.x.126” (if those are the correct addresses).
The second thing is I don’t really catch what your two nat rules should do (and perhaps I get the whole setup wrong). You have one local LAN with private ip space (192.168.x.x) and two separate uplinks, right? You want some kind of load balancing?
Giving both gateway addresses in the default route will create some kind of “round-robin” load balancing, no failover (as you stated would be step 2).
As you have private ip space in your LAN, you need src-nat, like this one
This should provide src-natting for your LAN for both your WAN uplinks. Replace the “wan1” and “wan2” above with your real uplink interface names (might also be ether2 and ether3 for example…).
You only need a dst-nat rule if you want to make services from machines on your private LAN available to the outside (like a web server or mail server). Is this what you want?
Hope this helps as a first step - and please shed some more light on what you want to achieve, if I got you wrong.
Ah, and to your second question: From WHERE do you try to login to your MT? Your private LAN?
For the second question I posted, I was referring to (not the MT connection) a server I have running telnet on 64.x.x.12 on the first wan1 connection. It works like a charm without the second gw; when I add the second gw it either stops working or takes forever to get in. Once I am in it is OK, but I must be losing something in the routing for this to be happening?
Also, I forgot this: on the other server I added, I have src-nat also set up
/ip firewall src-nat add src-address=192.x.x.2/32 action=nat to-src-address=64.x.x.20
I can get everything to work except I cannot seem to get both servers to run telnet sessions.
Whichever one starts first (I mean whichever one is highest in the rules) seems to start. As soon as I add the second gateway they stop working.
The first one will still work. Then if I remove the other gateway, they both start working again.
Is there any chance to create a login on this system for me so I could check some settings? You could send me an e-mail to support@cmit.de. I would also give you my ip address so you could restrict the login to that one…
Like I said, when I add the second gw it does work, it just doesn't let the other telnet sessions work. I am going to try using a different subnet for the servers and see if this makes a difference.