Sending traffic for one Dest to one WAN port

Good morning.

I have an RB750 with 2 Cable modems plugged into it. I am using PCC to do “load balancing” between these 2 connections, using the “both addresses and ports” option, which seems to work well for most things. But i have an issue with a couple of sites…

Our College VPN is setup with HTTPS. If i connect, when PCC is set to both addresses and ports, i can connect, but keep getting kicked out every now and again due to “session expired” errors. I seems my session is linked to my IP address. If i change PCC to just “both addresses” it works perfectly… all connections go though either WAN 1 or WAN 2, depending on which one picked it up first… But it limits me when downloading files from FTP or HTTP, since, even if using a download manager, i will always go though a single WAN connection…

Is there a way to tell RouterOS that all connections to a given IP address or IP address block should use a particular out going port? I know this used to be possible on my old Linksys RV042, and i know there has to be a way to do it, since RouterOS is more advanced, i just, for the life of me, cant figure it out!

Thanks.

Sure. In your mangle rules create a rule with the dst address of the VPN you are connecting to and set the routing mark to which ever WAN you would like the connection to go through. Also be sure to move the rule above your PCC and don’t enable passthrough. It should look something like this.

/ip firewall mangle
add action=mark-routing chain=prerouting dst-address=8.8.8.8 new-routing-mark=\
    to_WAN1 passthrough=no

Lovely Job! Nice one! thanks!

I have just remotely connected to the network, made the change, and everything works perfect… up till the point i connected my workstation to the VPN and now i cant connect to it again… Whoops! but no problems with the router! thanks again!

Thanks tiernano for asking the question! (same problem I had)


And much more thanks for cbrown! YOU REALLY REALLY HELPED ME!