RB750 hex PPPoE client connection issues

premitel · August 2, 2016, 11:33am

Hi

I hope someone can help with me with an odd PPPoE client connection problem that I am having with an RB750 hex.

I have a client with 4 x ADSL WAN connections and I have set up an RB750 with multiple WAN connections and load sharing etc.

That is all working fine.

It was my intention to have 4 x ADSL modems in Bridge mode connected to 4 x ports of the RB750 in PPPoE client mode.

However, I can only get one of the PPPoE connections to work and that will work fine on any of the 4 ports.

However, the other 3 x ADSL connections will not connect at all in PPPoE mode on any of the ports.

The modems are fine as they syncronise OK and they all work when swapped with the working ADSL connection.

There is nothing wrong with the ADSL connections as I have resorted to connecting 3 x ADSL routers to these connections and have connected these to the RB750.

These routers work fine when connected to the ADSL connections.

All the ADSL connections are from the same provider and the iSP can’t see anything wrong.

There is nothing wrong with the RB750 as this works OK in my office with 2 x PPPoE connections…one ADSL and one VDSL.

My client’s RB750 set up appears to be working fine, but I would rather that 3 of his WAN connections did not have to go through another layer of NAT via thre unnecessary routers.

I have tried another RB750 out of the box with minimal configuration and that had the same problem.

I was wondering if there is some PPPoE tweak that I haven’t found in the RB750 or if someone else has had a similar problem and has solved it.

Thank you

mistry7 · August 2, 2016, 7:29pm

Please send config Export

premitel · August 3, 2016, 11:34am

Thank you for reply...here is config.

The PPPoE interfaces linked to ETH 2, 3 &4 are disabled with ETH 2, 3 & 4 set to get IP addresses from ADSL router.

ETH 1 is connected to ADSL modem.

\

aug/03/2016 12:22:17 by RouterOS 6.35.4

software id = SEQN-LW80

/interface ethernet
set [ find default-name=ether1 ] comment="WAN1-0131 281 1614"
set [ find default-name=ether2 ] comment="WAN2-0131 629 0595"
set [ find default-name=ether3 ] comment="WAN3-0131 281 0475"
set [ find default-name=ether4 ] comment="WAN4-0131 281 8939"
set [ find default-name=ether5 ] arp=proxy-arp comment="LAN to VLAN switch (AR
P set to proxy-arp to enable PPTP VPN to work for remote access to zyxel s
witches...no idea why it works)"
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 max-mru=1480 max-mtu=
1480 mrru=1600 name=pppoe-out1 password=2jNydVA3QA user=
HIGH7308E@ultimate21st.co.uk
add add-default-route=yes interface=ether2 max-mru=1480 max-mtu=1480 mrru=
1600 name=pppoe-out2 password=7uVhQTxHvu use-peer-dns=yes user=
HIGH7308B@absolute.highnet.com
add add-default-route=yes interface=ether3 name=pppoe-out3 password=
UMksFD9pkb use-peer-dns=yes user=HIGH7308D@ultimate21st.co.uk
add add-default-route=yes interface=ether4 name=pppoe-out4 password=
BURMNZN3bQ use-peer-dns=yes user=HIGH7308C@ultimate21st.co.uk
/ip neighbor discovery
set ether1 comment="WAN1-0131 281 1614"
set ether2 comment="WAN2-0131 629 0595"
set ether3 comment="WAN3-0131 281 0475"
set ether4 comment="WAN4-0131 281 8939"
set ether5 comment="LAN to VLAN switch (ARP set to proxy-arp to enable PPTP VP
N to work for remote access to zyxel switches...no idea why it works)"
/interface vlan
add interface=ether5 name=vlan_1_default vlan-id=1
add interface=ether5 name=vlan_200_printer vlan-id=200
add interface=ether5 name=vlan_201_production vlan-id=201
add interface=ether5 name=vlan_202_voip vlan-id=202
add interface=ether5 name=vlan_203_box-office vlan-id=203
add interface=ether5 name=vlan_204_guest vlan-id=204
add interface=ether5 name=vlan_205_press vlan-id=205
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp_pool0 ranges=192.168.10.10-192.168.10.99
add name=dhcp_pool2 ranges=192.168.201.10-192.168.201.199
add name=dhcp_pool3 ranges=192.168.202.10-192.168.202.199
add name=dhcp_pool4 ranges=192.168.203.10-192.168.203.199
add name=dhcp_pool5 ranges=192.168.204.10-192.168.204.199
add name=dhcp_pool1 ranges=192.168.20.100-192.168.20.199
add name=dhcp_pool6 ranges=192.168.200.10-192.168.200.199
add name=dhcp_pool7 ranges=
192.168.100.1-192.168.100.11,192.168.100.13-192.168.100.254
add name=dhcp_pool8 ranges=192.168.205.10-192.168.205.199
/ip dhcp-server
add address-pool=dhcp_pool2 disabled=no interface=vlan_201_production name=
dhcp_2
add address-pool=dhcp_pool3 disabled=no interface=vlan_202_voip name=dhcp_3
add address-pool=dhcp_pool4 disabled=no interface=vlan_203_box-office name=
dhcp_4
add address-pool=dhcp_pool5 disabled=no interface=vlan_204_guest name=dhcp_5
add address-pool=dhcp_pool1 disabled=no interface=ether5 name=dhcp_1
add address-pool=dhcp_pool6 disabled=no interface=vlan_200_printer name=
dhcp_6
add address-pool=dhcp_pool8 disabled=no interface=vlan_205_press name=dhcp_8
/queue tree
add max-limit=1800k name=Upload_WAN1 parent=pppoe-out1 queue=
pcq-upload-default
add max-limit=1800k name=Upload_WAN2 parent=ether2 queue=pcq-upload-default
add max-limit=1800k name=Upload_WAN3 parent=ether3 queue=pcq-upload-default
add max-limit=1800k name=Upload_WAN4 parent=ether4 queue=pcq-upload-default
add limit-at=500k max-limit=1800k name=VoIP_Up_1 packet-mark=VoIP_Up parent=
Upload_WAN1 priority=2 queue=pcq-upload-default
add limit-at=100k max-limit=1800k name=Production_Up_1 packet-mark=
Production_Up parent=Upload_WAN1 priority=4 queue=pcq-upload-default
add limit-at=1M max-limit=1800k name=Box-Office_Up_1 packet-mark=
Box-Office_Up parent=Upload_WAN1 priority=3 queue=pcq-upload-default
add limit-at=100k max-limit=1800k name=Guest_Up_1 packet-mark=Guest_Up
parent=Upload_WAN1 priority=7 queue=pcq-upload-default
add limit-at=100k max-limit=1800k name=Press_Up_1 packet-mark=Press_Up
parent=Upload_WAN1 priority=5 queue=pcq-upload-default
add limit-at=1M max-limit=1800k name=Box-Office_Up_2 packet-mark=
Box-Office_Up parent=Upload_WAN2 priority=3 queue=pcq-upload-default
add limit-at=100k max-limit=1800k name=Guest_Up_2 packet-mark=Guest_Up
parent=Upload_WAN2 priority=7 queue=pcq-upload-default
add limit-at=100k max-limit=1800k name=Press_Up_2 packet-mark=Press_Up
parent=Upload_WAN2 priority=5 queue=pcq-upload-default
add limit-at=100k max-limit=1800k name=Production_Up_2 packet-mark=
Production_Up parent=Upload_WAN2 priority=4 queue=pcq-upload-default
add limit-at=500k max-limit=1800k name=VoIP_Up_2 packet-mark=VoIP_Up parent=
Upload_WAN2 priority=2 queue=pcq-upload-default
add limit-at=1M max-limit=1800k name=Box-Office_Up_3 packet-mark=
Box-Office_Up parent=Upload_WAN3 priority=3 queue=pcq-upload-default
add limit-at=100k max-limit=1800k name=Guest_Up_3 packet-mark=Guest_Up
parent=Upload_WAN3 priority=7 queue=pcq-upload-default
add limit-at=100k max-limit=1800k name=Press_Up_3 packet-mark=Press_Up
parent=Upload_WAN3 priority=5 queue=pcq-upload-default
add limit-at=100k max-limit=1800k name=Production_Up_3 packet-mark=
Production_Up parent=Upload_WAN3 priority=4 queue=pcq-upload-default
add limit-at=500k max-limit=1800k name=VoIP_Up_3 packet-mark=VoIP_Up parent=
Upload_WAN3 priority=2 queue=pcq-upload-default
add limit-at=1M max-limit=1800k name=Box-Office_Up_4 packet-mark=
Box-Office_Up parent=Upload_WAN4 priority=4 queue=pcq-upload-default
add limit-at=100k max-limit=1800k name=Guest_Up_4 packet-mark=Guest_Up
parent=Upload_WAN4 priority=7 queue=pcq-upload-default
add limit-at=100k max-limit=1800k name=Press_Up_4 packet-mark=Press_Up
parent=Upload_WAN4 priority=3 queue=pcq-upload-default
add limit-at=100k max-limit=1800k name=Production_Up_4 packet-mark=
Production_Up parent=Upload_WAN4 priority=5 queue=pcq-upload-default
add limit-at=500k max-limit=1800k name=VoIP_Up_4 packet-mark=VoIP_Up parent=
Upload_WAN4 priority=2 queue=pcq-upload-default
add max-limit=48M name=Download parent=ether5 queue=pcq-download-default
add limit-at=500k max-limit=12M name=VoIP_Down packet-mark=VoIP_Down parent=
Download priority=2 queue=pcq-download-default
add limit-at=1M max-limit=12M name=Press_Down packet-mark=Press_Down parent=
Download priority=5 queue=pcq-download-default
add limit-at=1M max-limit=24M name=Production_Down packet-mark=
Production_Down parent=Download priority=4 queue=pcq-download-default
add limit-at=500k max-limit=36M name=Guest_Down packet-mark=Guest_Down
parent=Download priority=7 queue=pcq-download-default
add limit-at=9M max-limit=24M name=Box-Office_Down packet-mark=
Box-Office_Down parent=Download priority=3 queue=pcq-download-default
/ip firewall connection tracking
set enabled=yes udp-stream-timeout=5m
/interface l2tp-server server
set default-profile=default enabled=yes
/interface pptp-server server
set authentication=mschap2 default-profile=default enabled=yes
/interface sstp-server server
set enabled=yes
/ip address
add address=192.168.201.1/24 interface=vlan_201_production network=
192.168.201.0
add address=192.168.202.1/24 interface=vlan_202_voip network=192.168.202.0
add address=192.168.203.1/24 interface=vlan_203_box-office network=
192.168.203.0
add address=192.168.204.1/24 interface=vlan_204_guest network=192.168.204.0
add address=192.168.20.1/24 interface=ether5 network=192.168.20.0
add address=192.168.200.1/24 interface=vlan_200_printer network=192.168.200.0
add address=192.168.205.1/24 interface=vlan_205_press network=192.168.205.0
add address=192.168.4.99/24 interface=ether4 network=192.168.4.0
add address=192.168.3.99/24 interface=ether3 network=192.168.3.0
add address=192.168.2.99/24 interface=ether2 network=192.168.2.0
/ip dhcp-client
add add-default-route=no dhcp-options=hostname,clientid disabled=no
interface=ether1 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid interface=ether2
use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid interface=ether3
use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid interface=ether4
use-peer-dns=no use-peer-ntp=no
/ip dhcp-server lease
add address=192.168.203.100 client-id=client100 mac-address=00:0D:B9:17:0D:E9
server=dhcp_4
/ip dhcp-server network
add address=192.168.20.0/24 dns-server=192.168.20.1 gateway=192.168.20.1
add address=192.168.100.0/24 gateway=192.168.100.12
add address=192.168.200.0/24 dns-server=192.168.200.1 gateway=192.168.200.1
add address=192.168.201.0/24 dns-server=192.168.201.1 gateway=192.168.201.1
add address=192.168.202.0/24 dns-server=192.168.202.1 gateway=192.168.202.1
add address=192.168.203.0/24 dns-server=192.168.203.1 gateway=192.168.203.1
add address=192.168.204.0/24 dns-server=192.168.204.1 gateway=192.168.204.1
add address=192.168.205.0/24 dns-server=192.168.205.1 gateway=192.168.205.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall address-list
add address=192.168.201.0/24 list="Private VLANs"
add address=192.168.202.0/24 list="Private VLANs"
add address=192.168.203.0/24 list="Private VLANs"
add address=192.168.204.0/24 list="Private VLANs"
add address=192.168.20.0/24 list="Local LANs"
add address=192.168.200.0/24 list="Local LANs"
add address=192.168.201.0/24 list="Local LANs"
add address=192.168.202.0/24 list="Local LANs"
add address=192.168.203.0/24 list="Local LANs"
add address=192.168.204.0/24 list="Local LANs"
add address=192.168.205.0/24 list="Local LANs"
add address=192.168.205.0/24 list="Private VLANs"
/ip firewall filter
add chain=input comment="Accept ICMP Pings" protocol=icmp
add chain=input comment=
"Allow new connections to router from local LAN addresses"
connection-state=new src-address-list="Local LANs"
add chain=input comment="Accept established & related packets"
connection-state=established,related
add action=drop chain=forward comment="Drop invalid packets"
connection-state=invalid
add action=drop chain=forward comment="Drop packets between private VLANs"
dst-address-list="Private VLANs" src-address-list="Private VLANs"
add action=drop chain=forward comment=
"Drop packets between private VLANs and management VLAN"
connection-state=new dst-address=192.168.20.0/24 src-address-list=
"Private VLANs"
add chain=forward comment="Allow new connections from Local LAN addresses"
connection-state=new src-address-list="Local LANs"
add chain=forward comment="Accept established & related connections"
connection-state=established,related
add chain=input comment="Allow remote Winbox access" dst-port=8291 protocol=
tcp
add chain=input comment="Allow remote http access on port 81" dst-port=81
protocol=tcp
add chain=input comment="Allow pptp vpn connection" dst-port=1723 protocol=
tcp
add chain=input comment="Allow pptp vpn tunnel" protocol=gre
add action=drop chain=input comment="Drop all other input packets"
add chain=forward comment="Allow port 22 for Redgate management" dst-port=22
in-interface=pppoe-out1 protocol=tcp
add chain=forward comment="Allow port 5666 for Redgate management" dst-port=
5666 in-interface=pppoe-out1 protocol=tcp
add chain=forward comment="POrt 80 test forward" disabled=yes dst-port=80
in-interface=pppoe-out1 protocol=tcp
add action=drop chain=forward comment="Drop all other forward packets"
/ip firewall mangle
add chain=prerouting comment="Ensure packets destined for local IP addresses a
re not processed by Mangle Chain and are passed to Main routing table"
dst-address-list="Local LANs"
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_201_production for routing over WAN2" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_201_production
new-connection-mark="WAN2 Connection Mark" per-connection-classifier=
both-addresses:5/0
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_201_production for routing over WAN2" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_201_production
new-connection-mark="WAN2 Connection Mark" per-connection-classifier=
both-addresses:5/1
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_201_production for routing over WAN2" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_201_production
new-connection-mark="WAN2 Connection Mark" per-connection-classifier=
both-addresses:5/2
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_201_production for routing over WAN2" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_201_production
new-connection-mark="WAN2 Connection Mark" per-connection-classifier=
both-addresses:5/3
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_201_production for routing over WAN1" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_201_production
new-connection-mark="WAN1 Connection Mark" per-connection-classifier=
both-addresses:5/4
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_202_voip for routing over WAN1" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_202_voip log=yes
new-connection-mark="WAN1 Connection Mark" per-connection-classifier=
both-addresses:5/0
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_202_voip for routing over WAN1" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_202_voip log=yes
new-connection-mark="WAN1 Connection Mark" per-connection-classifier=
both-addresses:5/1
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_202_voip for routing over WAN1" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_202_voip
new-connection-mark="WAN1 Connection Mark" per-connection-classifier=
both-addresses:5/2
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_202_voip for routing over WAN1" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_202_voip
new-connection-mark="WAN1 Connection Mark" per-connection-classifier=
both-addresses:5/3
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_202_voip for routing over WAN1" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_202_voip
new-connection-mark="WAN1 Connection Mark" per-connection-classifier=
both-addresses:5/4
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_203_box-office for routing over WAN3" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_203_box-office
new-connection-mark="WAN3 Connection Mark" per-connection-classifier=
both-addresses:5/0
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_203_box-office for routing over WAN3" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_203_box-office
new-connection-mark="WAN3 Connection Mark" per-connection-classifier=
both-addresses:5/1
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_203_box-office for routing over WAN3" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_203_box-office
new-connection-mark="WAN3 Connection Mark" per-connection-classifier=
both-addresses:5/2
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_203_box-office for routing over WAN3" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_203_box-office
new-connection-mark="WAN3 Connection Mark" per-connection-classifier=
both-addresses:5/3
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_203_box-office for routing over WAN1" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_203_box-office
new-connection-mark="WAN1 Connection Mark" per-connection-classifier=
both-addresses:5/4
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_204_guest for routing over WAN1" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_204_guest
new-connection-mark="WAN1 Connection Mark" per-connection-classifier=
both-addresses:3/0
add action=mark-connection chain=prerouting comment="Randomly mark unmarked co
nnection from vlan_204_guest for routing over WAN2" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_204_guest
new-connection-mark="WAN2 Connection Mark" per-connection-classifier=
both-addresses:3/1
add action=mark-connection chain=prerouting comment="Randomly mark unmarekd co
nnection from vlan_204_guest for routing over WAN3" connection-mark=
no-mark dst-address-type=!local in-interface=vlan_204_guest
new-connection-mark="WAN3 Connection Mark" per-connection-classifier=
both-addresses:3/2
add action=mark-connection chain=prerouting comment=
"Mark all unmarked connection from vlan_205_press for routing over WAN4"
connection-mark=no-mark dst-address-type=!local in-interface=
vlan_205_press new-connection-mark="WAN4 Connection Mark"
add action=mark-routing chain=prerouting comment="Mark traffic from all vlans
with WAN1 Connection mark for routing over WAN1" connection-mark=
"WAN1 Connection Mark" in-interface=all-vlan new-routing-mark=
"WAN1 Routing Mark"
add action=mark-routing chain=prerouting comment="Mark traffic from all vlans
with WAN2 Connection mark for routing over WAN2" connection-mark=
"WAN2 Connection Mark" in-interface=all-vlan new-routing-mark=
"WAN2 Routing Mark"
add action=mark-routing chain=prerouting comment="Mark traffic from all vlans
with WAN3 Connection mark for routing over WAN3" connection-mark=
"WAN3 Connection Mark" in-interface=all-vlan new-routing-mark=
"WAN3 Routing Mark"
add action=mark-routing chain=prerouting comment="Mark traffic from all vlans
with WAN4 Connection mark for routing over WAN4" connection-mark=
"WAN4 Connection Mark" in-interface=all-vlan new-routing-mark=
"WAN4 Routing Mark"
add action=mark-routing chain=output comment="Ensure traffic from router itsel
f with WAN1 connection mark returns through WAN1" connection-mark=
"WAN1 Connection Mark" new-routing-mark="WAN1 Routing Mark"
add action=mark-routing chain=output comment="Ensure traffic from router itsel
f with WAN2 connection mark returns through WAN2" connection-mark=
"WAN2 Connection Mark" new-routing-mark="WAN2 Routing Mark"
add action=mark-routing chain=output comment="Ensure traffic from router itsel
f with WAN3 connection mark returns through WAN3" connection-mark=
"WAN3 Connection Mark" new-routing-mark="WAN3 Routing Mark"
add action=mark-routing chain=output comment="Ensure traffic from router itsel
f with WAN4 connection mark returns through WAN4" connection-mark=
"WAN4 Connection Mark" new-routing-mark="WAN4 Routing Mark"
add action=mark-connection chain=prerouting comment=
"Mark unmarked connections received on WAN1 with WAN1 connection mark"
connection-mark=no-mark in-interface=ether1 new-connection-mark=
"WAN1 Connection Mark"
add action=mark-connection chain=prerouting comment=
"Mark unmarked connections received on WAN2 with WAN2 connection mark"
connection-mark=no-mark in-interface=ether2 new-connection-mark=
"WAN2 Connection Mark"
add action=mark-connection chain=prerouting comment=
"Mark unmarked connections received on WAN3 with WAN3 connection mark"
connection-mark=no-mark in-interface=ether3 new-connection-mark=
"WAN3 Connection Mark"
add action=mark-connection chain=prerouting comment=
"Mark unmarked connections received on WAN4 with WAN4 connection mark"
connection-mark=no-mark in-interface=ether4 new-connection-mark=
"WAN4 Connection Mark"
add action=mark-packet chain=forward comment="Mark as Printer those packets f
rom vlan_200_printer that have a Connection Mark" connection-mark=
!no-mark in-interface=vlan_200_printer new-packet-mark=Printer_Up
passthrough=no
add action=mark-packet chain=forward comment="Mark as VoIP_Down those packets
exiting vlan_202_voip that have a Connection Mark" connection-mark=
!no-mark new-packet-mark=Printer_Down out-interface=vlan_200_printer
passthrough=no
add action=mark-packet chain=forward comment="Mark as Production those packets
_ from vlan_201_production that have a Connection Mark" connection-mark=
!no-mark in-interface=vlan_201_production new-packet-mark=Production_Up
passthrough=no
add action=mark-packet chain=forward comment="Mark as VoIP_Down those packets
exiting vlan_202_voip that have a Connection Mark" connection-mark=
!no-mark new-packet-mark=Production_Down out-interface=
vlan_201_production passthrough=no
add action=mark-packet chain=forward comment="Mark as VoIP_Up those packets f
rom vlan_202_voip that have a Connection Mark" connection-mark=!no-mark
in-interface=vlan_202_voip new-packet-mark=VoIP_Up passthrough=no
add action=mark-packet chain=forward comment="Mark as VoIP_Down those packets
exiting vlan_202_voip that have a Connection Mark" connection-mark=
!no-mark new-packet-mark=VoIP_Down out-interface=vlan_202_voip
passthrough=no
add action=mark-packet chain=forward comment="Mark as Box-Office those packets
_ from vlan_203_box-office that have a Connection Mark" connection-mark=
!no-mark in-interface=vlan_203_box-office new-packet-mark=Box-Office_Up
passthrough=no
add action=mark-packet chain=forward comment="Mark as VoIP_Down those packets
exiting vlan_202_voip that have a Connection Mark" connection-mark=
!no-mark new-packet-mark=Box-Office_Down out-interface=
vlan_203_box-office passthrough=no
add action=mark-packet chain=forward comment="Mark as Guests those packets fr
om vlan_204_guests that have a Connection Mark" connection-mark=!no-mark
in-interface=vlan_204_guest new-packet-mark=Guest_Up passthrough=no
add action=mark-packet chain=forward comment="Mark as VoIP_Down those packets
exiting vlan_202_voip that have a Connection Mark" connection-mark=
!no-mark new-packet-mark=Guest_Down out-interface=vlan_204_guest
passthrough=no
add action=mark-packet chain=forward comment="Mark as Press those packets fro
m vlan_205_press that have a Connection Mark" connection-mark=!no-mark
in-interface=vlan_205_press new-packet-mark=Press_Up passthrough=no
add action=mark-packet chain=forward comment="Mark as VoIP_Down those packets
exiting vlan_202_voip that have a Connection Mark" connection-mark=
!no-mark new-packet-mark=Press_Down out-interface=vlan_205_press
passthrough=no
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat out-interface=ether2
add action=masquerade chain=srcnat out-interface=ether3
add action=masquerade chain=srcnat out-interface=ether4
add action=masquerade chain=srcnat out-interface=pppoe-out1

pppoe-out2 not ready

add action=masquerade chain=srcnat out-interface=pppoe-out2

pppoe-out3 not ready

add action=masquerade chain=srcnat out-interface=pppoe-out3

pppoe-out4 not ready

add action=masquerade chain=srcnat out-interface=pppoe-out4
add action=dst-nat chain=dstnat comment="Port forward 22 to 192.168.203.100"
dst-port=22 in-interface=pppoe-out1 protocol=tcp to-addresses=
192.168.203.100 to-ports=22
add action=dst-nat chain=dstnat comment=
"Port forward 5666 to 192.168.203.100" dst-port=5666 in-interface=
pppoe-out1 protocol=tcp to-addresses=192.168.203.100 to-ports=5666
add action=dst-nat chain=dstnat comment="Port 80 forward to phone test"
disabled=yes dst-port=8015 in-interface=pppoe-out1 protocol=tcp
to-addresses=192.168.202.190 to-ports=80
/ip firewall service-port
set sip disabled=yes
/ip route
add check-gateway=arp distance=1 gateway=pppoe-out1 routing-mark=
"WAN1 Routing Mark"
add check-gateway=arp distance=2 gateway=192.168.3.1 routing-mark=
"WAN1 Routing Mark"
add check-gateway=arp distance=3 gateway=192.168.2.1 routing-mark=
"WAN1 Routing Mark"
add check-gateway=arp distance=1 gateway=192.168.2.1 routing-mark=
"WAN2 Routing Mark"
add check-gateway=arp distance=2 gateway=pppoe-out1 routing-mark=
"WAN2 Routing Mark"
add check-gateway=arp distance=3 gateway=192.168.3.1 routing-mark=
"WAN2 Routing Mark"
add check-gateway=arp distance=1 gateway=192.168.3.1 routing-mark=
"WAN3 Routing Mark"
add check-gateway=arp distance=2 gateway=192.168.2.1 routing-mark=
"WAN3 Routing Mark"
add check-gateway=arp distance=3 gateway=pppoe-out1 routing-mark=
"WAN3 Routing Mark"
add check-gateway=arp distance=1 gateway=192.168.4.1 routing-mark=
"WAN4 Routing Mark"
add check-gateway=arp distance=2 gateway=192.168.2.1
add check-gateway=arp distance=3 gateway=192.168.3.1
add check-gateway=arp distance=4 gateway=192.168.4.1
/ip service
set www port=81
/ppp secret
add local-address=192.168.20.1 name=premitel password=******
remote-address=192.168.20.5 service=pptp
add local-address=192.168.20.1 name=premitel2 password=*******
remote-address=192.168.20.5 service=l2tp
/system clock
set time-zone-name=Europe/London
/system routerboard settings
set cpu-frequency=720MHz protected-routerboot=disabled