help me. configuring port forwarding for two public IP addresses on my router. In relation to my router’s NAT configuration, I am attempting to verify the status of the open ports using the following tool: https://www.yougetsignal.com/tools/open-ports. The tool’s functionality appears inconsistent, as it sometimes responds through WAN1 and at other times through WAN2. Thank you for your assistance. sorry for my english

/interface bridge
add add-dhcp-option82=yes dhcp-snooping=yes fast-forward=no name=
bridge-hotspot port-cost-mode=short protocol-mode=none
add add-dhcp-option82=yes dhcp-snooping=yes fast-forward=no name=bridge-local
port-cost-mode=short
add add-dhcp-option82=yes dhcp-snooping=yes fast-forward=no name=bridge-pppoe
port-cost-mode=short
/interface ethernet
set [ find default-name=sfp-sfpplus1 ] l2mtu=1598
set [ find default-name=sfp-sfpplus3 ] l2mtu=1598
set [ find default-name=sfp-sfpplus4 ] l2mtu=1598
/interface vlan
add interface=bridge-pppoe name=vlan2_1019-PPPoE vlan-id=1019
add interface=bridge-pppoe name=vlan2_1020-PPPoE vlan-id=1020
/interface list
add name=WAN
add name=LAN
/ip hotspot profile
set [ find default=yes ] hotspot-address=172.16.50.1 html-directory=abc
login-by=http-chap,https,http-pap name=HOTSPOT
add hotspot-address=172.16.50.1 html-directory=abc install-hotspot-queue=no
login-by=cookie,http-chap,https,http-pap,mac-cookie name=VENDO-100
/ip hotspot user profile
set [ find default=yes ] add-mac-cookie=no name=TRIAL rate-limit=10M/10M
/ip ipsec proposal
set [ find default=yes ] disabled=yes enc-algorithms=aes-256-cbc,aes-192-cbc
/ip pool
add name=hs-postpaid2 ranges=10.5.12.5-10.5.12.254
/ip smb users
set [ find default=yes ] disabled=yes read-only=no
/port
set 0 name=serial0
set 1 name=serial1
set 3 name=serial0
/ppp profile
set *0 use-ipv6=no
add change-tcp-mss=no dns-server=10.5.10.1 local-address=10.5.10.1 name=
HOME999 only-one=yes rate-limit=20M/20M remote-address=hs-postpaid2
use-compression=no use-encryption=no use-ipv6=no use-mpls=no use-upnp=no
set *FFFFFFFE on-down=“\r
\n” use-encryption=default use-ipv6=no
/queue type
set 9 pfifo-limit=100
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2 originate-default=if-installed router-id=
20.20.20.5
add disabled=no name=default-v3 version=3
/routing ospf area
add disabled=no instance=default-v2 name=backbone-v2
add disabled=yes instance=default-v3 name=backbone-v3
/routing table
add fib name=RT-PL1
add fib name=PL1
add fib name=RT-PL5
add fib name=PL5
add disabled=no fib name=DNS
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/system logging action
set 0 memory-lines=100
add name=pppoe target=disk
add name=support target=memory
/user group
set read policy=“local,read,test,winbox,api,romon,!telnet,!ssh,!ftp,!reboot,!w
rite,!policy,!password,!web,!sniff,!sensitive,!rest-api”
set write policy=“reboot,read,write,policy,test,web,sniff,sensitive,api,rest-a
pi,!local,!telnet,!ssh,!ftp,!winbox,!password,!romon”
/interface bridge port
add bridge=bridge-hotspot interface=ether13 internal-path-cost=10 path-cost=
10 trusted=yes
add bridge=bridge-pppoe interface=ether9 trusted=yes
/ip firewall connection tracking
set udp-timeout=10s
/ip neighbor discovery-settings
set discover-interface-list=none protocol=“”
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set accept-redirects=no accept-router-advertisements=no disable-ipv6=yes
forward=no max-neighbor-entries=1024 min-neighbor-entries=1023
soft-max-neighbor-entries=1023
/interface ethernet switch
set 1 name=switch2
/interface l2tp-server server
set default-profile=*E0 enabled=yes one-session-per-host=yes
/interface list member
add interface=bridge-pppoe list=LAN
add interface=vlan2_1019-PPPoE list=LAN
add interface=vlan2_1020-PPPoE list=LAN
/interface lte apn
set [ find default=yes ] ip-type=ipv4 ipv6-interface=*43 use-network-apn=no
/interface lte settings
set mode=serial
/interface ovpn-server server
add auth=sha1 certificate=*2 cipher=aes256-cbc default-profile=*9
mac-address=FE:84:00:60:33:0F name=ovpn-server1
require-client-certificate=yes
/interface pppoe-server server
add disabled=no interface=bridge-pppoe service-name=FIBERLINE
add disabled=no interface=vlan2_1020-PPPoE service-name=FIBER1
add disabled=no interface=vlan2_1019-PPPoE service-name=FIBER1-HHomes
/interface pptp-server server

PPTP connections are considered unsafe, it is suggested to use a more modern VPN protocol instead

set authentication=pap,chap,mschap1,mschap2 default-profile=*E0 enabled=yes
max-mru=1460 max-mtu=1460
/interface sstp-server server
set authentication=pap
/ip address
add address=115.146.xxx.98 comment=“STATIC WAN1” interface=ether1 network=
115.146.xxx.97
add address=124.106.xxx.32 comment=“STATIC WAN5” interface=ether5 network=
124.106.xxx.31
/ip arp
add address=172.16.55.250 interface=bridge-hotspot mac-address=
90:A2:DA:45:DE:FC
/ip cloud
set update-time=no
/ip dhcp-server
add address-pool=*1 interface=bridge-local lease-time=1h name=local-dhcp
add address-pool=*1C interface=*3F lease-time=1h name=vlan-antena
add address-pool=*2C interface=*41 name=vlan-vendo
add address-pool=*2B interface=*42 name=vlan100
/ip dhcp-server lease
add address=172.16.50.28 client-id=1:1e:ec:91:a4:c3:82 mac-address=
1E:EC:91:A4:C3:82 server=*2
/ip dns
set allow-remote-requests=yes cache-size=20480KiB
max-concurrent-tcp-sessions=200 servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.160.1 disabled=yes name=router type=A
add address=8.8.8.8 disabled=yes name=dns.google.com type=A
/ip firewall address-list
add address=10.5.12.254 comment=zz.aajuan_juan list=TELP_availed
add address=10.5.12.254 comment=zz.aajuan_juan list=IPTV_availed
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=
“place hotspot rules here” disabled=yes
/ip firewall mangle
add action=mark-connection chain=prerouting connection-mark=no-mark
connection-state=new new-connection-mark=viaISP1 protocol=tcp
add action=mark-connection chain=prerouting connection-mark=no-mark
connection-state=new new-connection-mark=viaISP5 protocol=tcp
add action=mark-routing chain=output connection-mark=viaISP1
new-routing-mark=RT-PL1 protocol=tcp
add action=mark-routing chain=output connection-mark=viaISP5
new-routing-mark=RT-PL5 protocol=tcp
add action=mark-routing chain=prerouting log-prefix=5 new-routing-mark=RT-PL5
passthrough=no src-address=10.5.12.2-10.5.12.254
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=
“place hotspot rules here” disabled=yes
add action=masquerade chain=srcnat comment=WAN
add action=dst-nat chain=dstnat comment=myrouter dst-port=333 protocol=tcp
to-addresses=10.5.12.254 to-ports=80
/ip firewall service-port
set tftp disabled=yes
set udplite disabled=yes
set sctp disabled=yes
/ip hotspot
add address-pool=*6 addresses-per-mac=1 idle-timeout=none interface=
bridge-hotspot name=WIFI profile=VENDO-100
add address-pool=*2B addresses-per-mac=1 disabled=no interface=*42 name=
VENDO-100 profile=VENDO-100
/ip hotspot service-port
set ftp disabled=yes
/ip hotspot user
set [ find default=yes ] limit-bytes-total=100000000000
/ip ipsec policy
set 0 disabled=yes
/ip ipsec profile
set [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5
/ip proxy
set cache-administrator=“” enabled=yes parent-proxy=0.0.0.0
/ip proxy access
add disabled=yes dst-host=i.ibb.co
add action=redirect action-data=ibb.co/DptWFSL disabled=yes
add action=redirect action-data=172.16.50.1:8080 dst-host=!172.16.50.1
/ip proxy direct
add
/ip route
add check-gateway=ping comment=WAN1 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=115.146.xxx.97 routing-table=PL1 scope=30
suppress-hw-offload=no target-scope=10
add check-gateway=ping comment=WAN5 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=124.106.xxx.31 routing-table=PL5 scope=30
suppress-hw-offload=no target-scope=11
add check-gateway=ping comment=WAN5 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=124.106.xxx.31 routing-table=main scope=30
suppress-hw-offload=no target-scope=10
add check-gateway=ping comment=WAN1 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=115.146.xxx.97 routing-table=main scope=30
suppress-hw-offload=no target-scope=10
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set www-ssl certificate=*A
set api port=8730
set winbox port=8292
set api-ssl disabled=yes
/ip smb shares
set [ find default=yes ] directory=share name=share
/ip upnp
set show-dummy-rule=no
/ipv6 nd
set [ find default=yes ] advertise-dns=no disabled=yes
/ipv6 nd prefix default
set autonomous=no
/ppp aaa
set accounting=no
/ppp secret
add caller-id=E0:4B:A6:82:C9:20 comment=test name=zz.aajuan_juan profile=
HOME999 service=pppoe
/routing ospf interface-template
add area=backbone-v2 disabled=no interfaces=*43 networks=10.110.100.0/28
priority=1
add area=backbone-v2 disabled=no interfaces=*44 networks=20.20.20.5 priority=
1
/routing rule
add action=lookup disabled=no dst-address=0.0.0.0/0 routing-mark=RT-PL1
src-address=0.0.0.0/0 table=PL1
add action=lookup disabled=no dst-address=0.0.0.0/0 routing-mark=RT-PL5
src-address=0.0.0.0/0 table=PL5
/system clock
set time-zone-autodetect=no
/system clock manual
set time-zone=+08:00
/system health settings
set cpu-overtemp-check=yes cpu-overtemp-threshold=100C
/system identity
set name=FBWAN1
/system leds
set 0 interface=*1E leds=user-led type=interface-status
/system logging
add disabled=yes topics=e-mail
add disabled=yes topics=ipsec
add action=disk disabled=yes prefix=-> topics=hotspot,info,debug
add action=pppoe topics=pppoe,info,account
add action=support topics=lte,!packet
/system note
set show-at-login=no
/system ntp client
set enabled=yes
/system ntp server
set manycast=yes
/system ntp client servers
add address=asia.pool.ntp.org
add address=133.243.238.243
add address=203.99.62.214
/system resource irq rps
set sfp-sfpplus4 disabled=no
set sfp-sfpplus1 disabled=no
set sfp-sfpplus3 disabled=no
set *1D disabled=yes
set *1E disabled=yes
set *1F disabled=yes
set *20 disabled=yes
set *21 disabled=yes
set *22 disabled=yes
set *23 disabled=yes
set *24 disabled=yes
set *25 disabled=yes
/system routerboard settings
set enter-setup-on=delete-key
/system watchdog
set automatic-supout=no watchdog-timer=no
/tool bandwidth-server
set authenticate=no enabled=no
/tool e-mail
set from=“” port=587 server=74.125.68.109 tls=starttls
/tool graphing
set store-every=hour
/tool mac-server
set allowed-interface-list=none
/tool mac-server ping
set enabled=no
/tool romon
set enabled=yes
/tool romon port
add interface=all
/tool sms
set channel=1 port=usb5 receive-enabled=yes

general
https://help.mikrotik.com/docs/spaces/ROS/pages/59965508/Policy+Routing

similar case
http://forum.mikrotik.com/t/dual-pppoe-wan-failover-with-specific-port/181541/6

Please provide a diagram that shows how the router is connected to the two WAN, other devices connected and whether a public or private IP is provided, do not use actual Public WANIP numbers.
Then describe how you have setup the two WAN connections on the router.
A config would be best as well.

/export file=anynameyouwish ( minus router serial number, any public wanip information, vpn keys )

Good day, sir. This is my diagram.

Sometimes I can access my modem router using 115.146.xxx.xx:333, but at other times, I cannot access it and it switches to 124.106.xxx.xx:333.

I would like to access my modem router from either of these two public IP addresses at any time.

Sorry diagram makes no sense to me, hopefully somebody with more experience with this type of setup can assist.

routing policy code

/ip a add address=115.146.0.2/30 comment="WAN_isp1" interface=e1_WAN_isp1
/ip a add address=124.106.0.2/30 comment="WAN_isp2" interface=e2_WAN_isp2

/ro ta add disabled=no fib name=to_WAN_isp1
/ro ta add disabled=no fib name=to_WAN_isp2

/ip ro add dst-address=0.0.0.0/0 gateway=115.146.0.1 distance=1 
/ip ro add dst-address=0.0.0.0/0 gateway=124.106.0.1 distance=2

/ip ro add dst-address=0.0.0.0/0 gateway=115.146.0.1 routing-table=to_WAN_isp1 distance=1
/ip ro add dst-address=0.0.0.0/0 gateway=2124.106.0.1 routing-table=to_WAN_isp2 distance=1

/ro ru add routing-mark=to_WAN_isp1 table=to_WAN_isp1
/ro ru add src-address=115.146.0.0/30 table=to_WAN_isp1
/ro ru add routing-mark=to_WAN_isp2 table=to_WAN_isp2
/ro ru add src-address=124.106.0.0/30 table=to_WAN_isp2