Hello, new Mikrotik user here, I have previous experience with Sonicwall and a little Cisco/ASA. I have the basics configured on my new Mikrotiks for my company, although they are not in production yet. I have three that need to all go live as close together as possible, including one that is overseas that I must configure remotely. The two US sites each have two WAN connections, the overseas site only has one. I need to setup a VPN between all 3 locations with WAN failover at the US sites, that will keep the VPN connection up if any US WAN connection fails. I do not care about load balancing.
I have been watching YouTube videos and searching the forums, but I have not been able to find exactly what I need. Can anyone point me in the right direction? Thanks!
Bump. This is a pretty standard setup. Can anyone help with this?
Please disregard as I am returning these firewalls and buying SonicWalls.
Hi,
I need to build a similar setup. Does anybody have a hint?
Regards
Martin
1.Use SSTP/OVPN to connect to each IP. You need to configure Mangle Rule and Routing Table to make the network flow using proper WAN connection.
2.Set up EoIP tunnel for each SSTP/OVPN.
3.Set up bonding for each pair of EoIP tunnel. In your case you need 3 bonding.
4.Enjoy!
Hi eteranl,
thank you for sharing this solution. As I have read EoIP suffers performance, is there a better alternative? Would this work?
- SSTP/OVPN to connect each WAN to each pper
- MPLS/VPLS over VPN tunnel
If you can accept tcp connection reset on failover, just use any Tunnel is OK. EoIP and bonding is not necessary.
I think SSTP/OVPN have a serious impact on performance, not EoIP. GRE(IPIP/EoIP/PPTP) is much faster than TCP(SSTP/OVPN).
But you suggest using SSTP/OVPN as point 1 in your solution. Do I misunderstand?
I suggest it for security(RSA4096+SHA512+AES256).
If you need high performance, use IPIP/PPTP instead. Of course, you still need to configure Mangle Rule and Routing Table.