I have a Mikrotik project and hope that can help me.
At this moment I am starting with mikrotik, until now I work with fortigate.
At this moment, I have diferents office with a fortigate firewall and access to two ISPs and, in a central office have a fortigate 100D and two ISPs as well.
I attached a file with a schema.
With this configuration I can support the interruption of any ISP access in any of my offices.
When I create a tunnel in fortigate I can specify from the wan interface that I like to connect, but I do not know if this option is possible in Mikrotik.
I would like to know if it is possible to apply this scheme between mikrotik and fortigate devices.
And for a future between mikrotik and mikrotik.
Thanks for your reply. I try to explain what I need.
I like to create four redundant tunnels between two offices and create the same distance routes. With this I like to balance all the traffic through all the tunnels while all the tunnels are working.
If a tunnel descends at either end, the traffic will pass through the remaining tunnels automatically.
First, this configuration will be in mikrotik and fotigate, but some months later I will exchange fortigate with mikrotik. Then I will mount the same system but with all the extreme mikrotik equipment.
The first problem I see is that in fortigate when I create a new tunnel I can specify the wan interface but in mikrotik I do not know how to do it.
Another problem is that in fortigate I can specify several routes to the same remote lan but in mikrotik I do not specify routes when I create a tunnel. So I do not know how it would be done.
I’m sorry for my English is not very good. I hope you have explained me well.
You can choose your destination IP. According to routing tables and gateway through which this destination should be reachable, the WAN interface can be chosen.
You can’t. Only PPPoE-client interface needs to point the outgoin interface, because it’s L2. PPTP/EoIP/L2TP/IPIP don’t have a outgoing interface in their options. It’s different operating system.
You can’t if server address is the same for both tunnels. But if you have server with two different IP addresses, then each tunnel can be redirected to specific WAN interface based on destination address to the server.
Thanks for your reply msatter, But PPC is not only for Intenet access?. The problem is that I don’t know create two tunnels from 2 diferents wans to same ip wan destination and according to comments
mrz user this is not posible . And I think that I need thian before load balancing.
If you know some alternative to create this tunnels and can you tel me?.
It also depends about what VPN type you are talking about. I assumed it is L2TP or some other PPP based.
In case if it is pure IPSec then you can establish two peers over different out interfaces. Then run EoIP or gre or IPIP over ipsec and do ECMP routing over those tunnels.