Jacka
September 7, 2015, 1:23pm
1
Hi all,
I created a set of rules that you can see below, everything works fine, no complaints.
PPTP client (mikrotik) - connected to a PPTP Server
/ip firewall nat add action=masquerade chain=srcnat out-interface=PPTP
/ip firewall mangle add action=mark-routing chain=prerouting new-routing-mark=PPTP src-address=192.168.88.0/24
/ip route add distance=1 dst-address=172.23.241.250/32 gateway=PPTP routing-mark=PPTP
But if enable another set of rules you can see below then the first set of rules don’t work anymore, why does this happen?
PPTP client (mikrotik) - connected to another mikrotik PPTP Server
/ip firewall nat add action=masquerade chain=srcnat out-interface=PPTP_2
/ip firewall mangle add action=mark-routing chain=prerouting new-routing-mark=PPTP_2 src-address=192.168.88.0/24
/ip route add distance=1 dst-address=172.16.11.120/32 gateway=PPTP_2 routing-mark=PPTP_2
Thank you.
Van9018
September 8, 2015, 4:59am
2
PPTP_1 and PPTP_2 are both 172.23.241.250/32 ?
A packet from 192.168.88.0/24 destined to 172.23.241.250 will first have it’s routing mark set to PPTP_1, but then the next mangle rule changes that mark to PPTP_2 and the packet will go out on PPTP_2.
Jacka
September 8, 2015, 6:01am
3
Van9018:
PPTP_1 and PPTP_2 are both 172.23.241.250/32 ?
A packet from 192.168.88.0/24 destined to 172.23.241.250 will first have it’s routing mark set to PPTP_1, but then the next mangle rule changes that mark to PPTP_2 and the packet will go out on PPTP_2.
No no, sorry I’ve made a mistake, I edited the first post, second route is to: 172.16.11.250
How to configure so that both set o rules would work together?
Van9018
September 14, 2015, 5:40pm
5
Your mangle rules need to have different criteria.
The first mangle rule sets the routing mark to PPTP when the src address is 192.168.88.0/24.
Then the second rule will change that routing mark to PPTP_2 when the src address is 192.168.88.0/24
Thus all packets will always go out the second route.
What are you trying to do?