Hi.
I am having a problem with routing incoming connections. I have 2 different ISPs connected to Mikrotik. Wan1 is cable and Wan2 is an adsl (pppoe) connection. Wan2 is used as a backup link. Connection failover is achieved by adding a second route with a higher distance, and the check gateway option.
Local IP = 192.168.0.200/24
Wan1 IP = 1.1.1.100/24 (public ip)
Wan2 IP = 2.2.2.200/24 (public ip)
ip firewall nat>
chain=srcnat action=masquerade
ip route>
DST-ADDRESS G GATEWAY DISTANCE INTERFACE
...
A S 0.0.0.0/0 r 1.1.1.1 Wan1
D 0.0.0.0/0 r 2.2.2.2 1 Wan2
ip firewall nat>
chain=dstnat dst-address=1.1.1.100 protocol=tcp dst-port=80
action=dst-nat to-addresses=192.168.0.1 to-ports=80
chain=dstnat dst-address=1.1.1.100 protocol=tcp dst-port=25
action=dst-nat to-addresses=192.168.0.1 to-ports=25
chain=dstnat dst-address=1.1.1.100 protocol=tcp dst-port=110
action=dst-nat to-addresses=192.168.0.1 to-ports=110
chain=dstnat dst-address=2.2.2.200 protocol=tcp dst-port=80
action=dst-nat to-addresses=192.168.0.1 to-ports=80
chain=dstnat dst-address=2.2.2.200 protocol=tcp dst-port=25
action=dst-nat to-addresses=192.168.0.1 to-ports=25
chain=dstnat dst-address=2.2.2.200 protocol=tcp dst-port=110
action=dst-nat to-addresses=192.168.0.1 to-ports=110
I am trying to connect to a mail server behind mikrotik. If I use Wan1 everything works OK. But I am unable to connect to the mail server behind mikrotik (or the mikrotik itself) using Wan2, as long as Wan1 is running. I can see connections coming in, but mikrotik is always routing outgoing connections through WAN1 (default route). If Wan1 stops working or I disable it, everything works through Wan2.
By adding the following mangle and route rules I managed to solve a part of my problem.
ip firewall mangle>
chain=input in-interface=Wan1 action=mark-connection new-connection-mark=Wan1-con passthrough=yes
chain=output connection-mark=Wan1-con action=mark-routing new-routing-mark=Wan1-route passthrough=yes
ip route>
add gateway=2.2.2.2 routing-mark=Wan1-route
ip route rule>
add action=lookup routing-mark=Wan1-route table=Wan1-route
Now I can connect to mikrotik using both internet connections, but not the mail server behind it.
How do I mangle an incoming connection from WAN2 and route it back through WAN2 regardless of the default route?
Please help. I have tried to mangle the incoming connection and route it through the incoming interface (gateway), but it won't work. I am missing something, for sure. Browsing through the forum gave me a couple of ideas but none of them work.
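Added example, not part of the original post: a RouterOS sketch of marking connections in the prerouting chain, since dst-nat'ed traffic to the mail server is forwarded and never passes the input/output chains used above. It keeps the post's routing-mark syntax and addresses; the interface name LAN and the Wan2-con / Wan2-route mark names are assumptions.

```routeros
# Added example. "LAN" (the interface facing 192.168.0.0/24) and the
# Wan2-* mark names are assumed; they do not appear in the original post.

/ip firewall mangle
# 1. Tag every new connection that arrives on Wan2. prerouting sees both
#    traffic addressed to the router and traffic that dst-nat will forward
#    to 192.168.0.1, so one rule covers both cases.
add chain=prerouting in-interface=Wan2 connection-state=new \
    action=mark-connection new-connection-mark=Wan2-con passthrough=yes

# 2. Replies from the mail server enter the router on the LAN side and are
#    routed after prerouting. Put them in the Wan2 table here, otherwise
#    they follow the main default route out of Wan1.
add chain=prerouting in-interface=LAN connection-mark=Wan2-con \
    action=mark-routing new-routing-mark=Wan2-route passthrough=no

# 3. Replies generated by the router itself (connections to 2.2.2.200
#    that are not dst-nat'ed) leave through the output chain.
add chain=output connection-mark=Wan2-con \
    action=mark-routing new-routing-mark=Wan2-route passthrough=no

/ip route
# Default route used only by packets carrying the Wan2-route mark.
add dst-address=0.0.0.0/0 gateway=2.2.2.2 routing-mark=Wan2-route
```

Rule 2 matches on the connection mark, so connections that the LAN hosts open themselves stay on the main table and keep the Wan1/Wan2 failover behaviour.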