Hi Everyone
I have a couple of specific questions regarding dual wan with auto failover. One of my interfaces (the Main / Primary one) is a PPPoE, so the route is dynamically provided. My secondary wan is provided through an ISP-provided router, and my Mikrotik’s ether5 is plugged into it and I have a DHCP IP of 192.168.1.64 from it (yes, I am aware it will be dual nat but this is not a problem for me).
I’ve watched some videos and read the documentation on how to do this, and it appears that I need to add two new routes to some hosts on the internet somewhere, and have the router monitor them.
My question is specifically around how to manage the outbound NAT for internet access for my LAN hosts.
Currently, my PPPoE connection is added to the alias called “WAN”, and the defconf masquerade rule is handling NAT for my LAN hosts.
/ip firewall nat add action=masquerade chain=srcnat comment="NAT for PRI WAN" ipsec-policy=out,none out-interface-list=WAN
I am just wondering how I need to configure NAT masquerade so that when the internet fails over, the router automatically starts using my second IP for NATing
Do I
- Add a second NAT srcnat rule under the existing rule and put the ether5 like so
/ ip firewall nat add action=masquerade chain=srcnat comment="NAT for PRI WAN" ipsec-policy=out,none out-interface="ether5 - WAN_SECONDARY"
- Or add the interface "“ether5 - WAN_SECONDARY” to the “WAN” interface list?
Does it matter which step I take?