L2TP in mangle not working after changed PCC rules

Hi, Guys
I’ve rebuild my PCC rules according to https://mum.mikrotik.com/2019/VN/agenda, the problem is l2tp routing is not working anymore.
Here is my old config, l2tp routing is working without any problems.

/ip firewall mangle
add action=mark-connection chain=prerouting in-interface=ether2-wan1 new-connection-mark=wan1
add action=mark-connection chain=prerouting in-interface=ether3-wan2 new-connection-mark=wan2
add action=mark-connection chain=prerouting in-interface=ether4-wan3 new-connection-mark=wan3
add action=mark-connection chain=prerouting dst-address-type=!local in-interface=bridge1 new-connection-mark=wan1 passthrough=yes per-connection-classifier=both-addresses:3/0
add action=mark-connection chain=prerouting dst-address-type=!local in-interface=bridge1 new-connection-mark=wan2 passthrough=yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=prerouting dst-address-type=!local in-interface=bridge1 new-connection-mark=wan3 passthrough=yes per-connection-classifier=both-addresses:3/2
add action=mark-routing chain=prerouting connection-mark=wan1 in-interface=bridge1 new-routing-mark=wan1-mark
add action=mark-routing chain=prerouting connection-mark=wan2 in-interface=bridge1 new-routing-mark=wan2-mark
add action=mark-routing chain=prerouting connection-mark=wan3 in-interface=bridge1 new-routing-mark=wan3-mark
add action=mark-routing chain=output connection-mark=wan1 new-routing-mark=wan1-mark
add action=mark-routing chain=output connection-mark=wan2 new-routing-mark=wan2-mark
add action=mark-routing chain=output connection-mark=wan3 new-routing-mark=wan3-mark
add chain=prerouting dst-address=112.65.129.0/24 in-interface=bridge1
add chain=prerouting dst-address=140.206.103.0/24 in-interface=bridge1
add chain=prerouting dst-address=220.248.18.0/24 in-interface=bridge1
add action=mark-routing chain=prerouting dst-address-list=!cnlist dst-address-type=!local new-routing-mark=l2tp passthrough=yes src-address-list=local

Here is my new PCC rules

/ip firewall mangle
add action=accept chain=prerouting dst-address-list=lan src-address-list=lan
add action=mark-connection chain=input connection-mark=no-mark in-interface=ether2-wan1 new-connection-mark=wan1 passthrough=no
add action=mark-connection chain=input connection-mark=no-mark in-interface=ether3-wan2 new-connection-mark=wan2 passthrough=no
add action=mark-connection chain=input connection-mark=no-mark in-interface=ether4-wan3 new-connection-mark=wan3 passthrough=no
add action=mark-routing chain=output connection-mark=wan1 new-routing-mark=wan1-mark passthrough=no
add action=mark-routing chain=output connection-mark=wan2 new-routing-mark=wan2-mark passthrough=no
add action=mark-routing chain=output connection-mark=wan3 new-routing-mark=wan3-mark passthrough=no
add action=mark-connection chain=forward connection-mark=no-mark in-interface=ether2-wan1 new-connection-mark=wan1-to-lan passthrough=no
add action=mark-connection chain=forward connection-mark=no-mark in-interface=ether3-wan2 new-connection-mark=wan2-to-lan passthrough=no
add action=mark-connection chain=forward connection-mark=no-mark in-interface=ether4-wan3 new-connection-mark=wan3-to-lan passthrough=no
add action=mark-routing chain=prerouting connection-mark=wan1-to-lan new-routing-mark=wan1-mark passthrough=no src-address-list=lan
add action=mark-routing chain=prerouting connection-mark=wan2-to-lan new-routing-mark=wan2-mark passthrough=no src-address-list=lan
add action=mark-routing chain=prerouting connection-mark=wan3-to-lan new-routing-mark=wan3-mark passthrough=no src-address-list=lan
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-list=!lan dst-address-type=!local new-connection-mark=lan-to-wan1 passthrough=yes per-connection-classifier=both-addresses:3/0 src-address-list=lan
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-list=!lan dst-address-type=!local new-connection-mark=lan-to-wan2 passthrough=yes per-connection-classifier=both-addresses:3/1 src-address-list=lan
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-list=!lan dst-address-type=!local new-connection-mark=lan-to-wan3 passthrough=yes per-connection-classifier=both-addresses:3/2 src-address-list=lan
add action=mark-routing chain=prerouting connection-mark=lan-to-wan1 dst-address-list=!lan new-routing-mark=wan1-mark passthrough=no src-address-list=lan
add action=mark-routing chain=prerouting connection-mark=lan-to-wan2 dst-address-list=!lan new-routing-mark=wan2-mark passthrough=no src-address-list=lan
add action=mark-routing chain=prerouting connection-mark=lan-to-wan3 dst-address-list=!lan new-routing-mark=wan3-mark passthrough=no src-address-list=lan
add action=mark-routing chain=prerouting dst-address-list=!cnlist dst-address-type=!local new-routing-mark=l2tp passthrough=yes src-address-list=local

I’ve already tried move up the “l2tp rule” column by column, but still not working.
Hope someone could tell me where is the problem.
Thanks.

ok, I replaced this l2tp rule

add action=mark-routing chain=prerouting dst-address-list=!cnlist dst-address-type=!local new-routing-mark=l2tp passthrough=yes src-address-list=local

with below

add action=mark-connection chain=forward connection-mark=no-mark dst-address-list=!cnlist dst-address-type=!local in-interface=l2tp-out1 new-connection-mark=l2tptolan passthrough=yes src-address-list=local
add action=mark-routing chain=prerouting connection-mark=l2tptolan dst-address-list=!cnlist dst-address-type=!local new-routing-mark=l2tp passthrough=yes src-address-list=local

will report back tomorrow.
Thanks.

Ok, it’s not working.
Can someone take a look and help me out?
Thanks.

Ok, I’ve managed it to work now.
modified rules are below, hope this will help others having the same problem.

add action=mark-connection chain=prerouting new-connection-mark=l2tptolan passthrough=yes
add action=mark-routing chain=prerouting connection-mark=l2tptolan dst-address-list=!cnlist dst-address-type=!local new-routing-mark=l2tp passthrough=no src-address-list=local