separate traffic to other gateway

Hi All,

I have two gateways to the internet using RB750
Gateway 1: 1.1.1.1 (ISP1)
Gateway 2: 2.2.2.2 (ISP2)
LAN: 192.168.16.0/24

How do I route access to a certain IP through a specific gateway?
For example, LAN access to IP 3.3.3.3 will go through Gateway 2 (ISP2),
while access to other IPs and browsing goes to Gateway 1 (ISP1).

Thank you in advance

[Sorry for my messy English]

Not a problem,…
So basically you have a situation where

ISP1 is the primary gateway and you want all users to use this gateway.
BUT
You have one user that you want to force to ISP2.

Question1: What happens if ISP1 becomes unavailable for some reason, did you want all users to then be able to access ISP2?

Question2: What happens if ISP2 becomes unavailable for some reason, did you want the special user to then have access to ISP1?

Hi anav.. sorry for my late reply

The answer is “no”
If ISP1 or ISP2 is down, then there is no reroute to IP 3.3.3.3

The reason is, ISP2 is used for app and database replication to Head Office (IP 3.3.3.3)

ISP1 is used for browsing and email
ISP1 blocks the SQL Server port

Thanks


Okay so let me get this straight.

ONE LAN on MT router
ALL IPs to use WAN1
Specific IP to use WAN2

If WAN2 fails, then Specific IP is NOT rerouted over WAN1 (office app data replication function to head office is cut-off).
If WAN1 fails, then access for email and browsing for all users is NOT rerouted (access to browsing and email is cut-off).

So there is no fail-over required for this setup?

You do realize that IP 3.3.3.3 can reach any other IP on the LAN and anybody on the LAN can reach 3.3.3.3??

In the simple case, my assumptions then…
/ip route
add distance=1 gateway=(gatewayIP of WAN2) pref-src=3.3.3.3
add distance=2 gateway=(gatewayIP of WAN1)

You will need some source NAT rules as well.
/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN2 src-address=3.3.3.3
add action=masquerade chain=srcnat comment="SCR_NAT for LAN Users" out-interface=WAN1

hi anav, thanks for your reply

There might be a misperception between us

Here is my topology
LAN: 192.168.16.0/24
ISP1: 1.1.1.1
ISP2: 2.2.2.2
HO IP: 3.3.3.3

Connection to IP HO (3.3.3.3) from the LAN will be routed to ISP1
While other access (browsing and e-mail) will be routed to ISP2

If ISP1 is down, then internet for LAN users will be down
If ISP2 is down, then the connection to HO (3.3.3.3) will be down
There’s no failover between ISP1 and ISP2
If ISP1 and ISP2 are both down, then there will be chaos in the office ^^

I’m trying to use mark routing, hopefully it works

Thank you in advance


I don't understand why a business would not want to make use of the redundancy of a dual-WAN scenario, or in other words, why it would want potential chaos when it could be avoided.
Oh well, can lead a horse to water…

I think I understand better now, let's see if I got it.
There is only one LAN.
All LAN traffic headed for the public HO IP shall use WAN2
All other LAN traffic headed for the internet shall use WAN1

/ip firewall mangle
add chain=prerouting action=mark-connection dst-address=3.3.3.3 \
    connection-mark=no-mark new-connection-mark=HOtraffic in-interface=LAN \
    passthrough=yes
add chain=prerouting action=mark-routing connection-mark=HOtraffic \
    new-routing-mark=routeHO passthrough=no

/ip route
add distance=2 gateway=(gatewayIP of WAN1)
add distance=3 gateway=(gatewayIP of WAN2) routing-mark=routeHO
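
The following is an added example, not part of any post in this thread: it puts the mangle, route and NAT pieces discussed above into one RouterOS v6 configuration for the layout in the last post (HO traffic via WAN2, everything else via WAN1), and goes one step further by adding a route rule so HO traffic is not silently sent out WAN1 when WAN2 is down. It assumes 1.1.1.1 and 2.2.2.2 are the next-hop gateway addresses and that the interfaces are named LAN, WAN1 and WAN2 as in the posts.

```routeros
# Added example, RouterOS v6 syntax. Assumptions: interfaces are named LAN,
# WAN1 and WAN2; 1.1.1.1 and 2.2.2.2 are the ISP next-hop gateways.

/ip firewall mangle
# Mark new LAN connections whose destination is the Head Office address.
add chain=prerouting in-interface=LAN dst-address=3.3.3.3 \
    connection-mark=no-mark action=mark-connection \
    new-connection-mark=HOtraffic passthrough=yes
# Give packets of those connections (LAN side only) the routing mark.
add chain=prerouting in-interface=LAN connection-mark=HOtraffic \
    action=mark-routing new-routing-mark=routeHO passthrough=no

/ip route
# Main table: browsing and e-mail leave through ISP1.
add dst-address=0.0.0.0/0 gateway=1.1.1.1 distance=1 \
    comment="default via ISP1"
# routeHO table: Head Office replication leaves through ISP2.
# check-gateway makes the route inactive when the gateway stops answering.
add dst-address=0.0.0.0/0 gateway=2.2.2.2 routing-mark=routeHO \
    check-gateway=ping comment="HO via ISP2"

/ip route rule
# Without this rule, a marked packet that finds no active route in routeHO
# falls through to the main table and would leave via ISP1. The thread asks
# for no failover, so restrict marked traffic to its own table.
add routing-mark=routeHO action=lookup-only-in-table table=routeHO

/ip firewall nat
# One masquerade rule per uplink so replies return on the same ISP.
add chain=srcnat out-interface=WAN1 action=masquerade \
    comment="LAN to internet via ISP1"
add chain=srcnat out-interface=WAN2 action=masquerade \
    comment="LAN to HO via ISP2"
```

On RouterOS v7 the routing table has to be created first (`/routing table add name=routeHO fib`) and the route uses `routing-table=routeHO` instead of `routing-mark=routeHO`.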