(SOLVED) 2 Wans (1 only fot http traffic) don't work :(

RouterOS General
1

I have 2 wans, and I want use one only for http traffic, and the other WAN for the rest of traffic.
First I made a connection mark, packet mark, and route mark for 80 TPC port.
After, I mark the rest of traffic (connection, packet and route). It seems very simple: (
I don't know how resolve it, I read and read and tried a lot of options...please help
The configuratión es very simple, What is wrong or missing?

// MASQUERADE
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=public1 src-address-list=10.0.0.0/24
add action=masquerade chain=srcnat disabled=no out-interface=public2 src-address-list=10.0.0.0/24

// DHCP CLIENT
/ip dhcp-client
add disabled=no interface=public1 use-peer-dns=yes use-peer-ntp=yes
add disabled=no interface=public2 use-peer-dns=yes use-peer-ntp=yes
(I try with default_route=yes also)

// MANGLE
/ip firewall mangle
add action=mark-connection chain=prerouting connection-state=new disabled=no dst-port=80 new-connection-mark=Wan02_con passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=Wan02_con disabled=no new-packet-mark=Wan02_mark passthrough=yes
add action=mark-routing chain=prerouting connection-mark=Wan02_con disabled=no new-routing-mark=Wan02_Route passthrough=no

add action=mark-connection chain=prerouting connection-state=new disabled=no new-connection-mark=Wan01_con passthrough=yes
add action=mark-packet chain=prerouting connection-mark=Wan01_con disabled=no new-packet-mark=Wan01_mark passthrough=yes
add action=mark-routing chain=prerouting connection-mark=Wan01_con disabled=no new-routing-mark=Wan01_Route passthrough=no

// ROUTE
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.0.1 pref-src=192.168.0.104 routing-mark=Wan02_Route scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=93.156.56.254 routing-mark=Wan01_Route scope=30 target-scope=10

/ip route rule
add action=lookup disabled=no interface=public1 routing-mark=Wan01_Route table=Wan01_Route
add action=lookup disabled=no interface=public2 routing-mark=Wan02_Route table=Wan02_Route

(PRINT OF ROUTES)

DST-ADDRESS PREF-SRC GATEWAY DISTANCE

0 A S 0.0.0.0/0 192.168.0.104 192.168.0.1 1
1 A S 0.0.0.0/0 93.156.56.254 1
2 ADC 10.0.0.0/24 10.0.0.1 bridge 0
3 ADC 93.156.56.0/21 93.156.57.178 public1 0
4 ADC 192.168.0.0/24 192.168.0.104 public2 0

2

remove preferred source IP’s from the 1st default gateway rule. Def. GW has no prefferred source.

So:
// ROUTE
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.0.1 routing-mark=Wan02_Route scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=93.156.56.254 routing-mark=Wan01_Route scope=30 target-scope=10

3

No need for connection or packet marks since you only want to influence routing unidirectionally (local host to Internet). No need to mark anything but the traffic you’re trying to policy route (HTTP). Remove your mangle rules and routes and use the below.

/ip firewall mangle
add action=mark-routing chain=prerouting disabled=no new-routing-mark=HTTP passthrough=no src-address=10.0.0.0/24 protocol=tcp dst-port=80

/ip route
add routing-mark=HTTP dst-address=0.0.0.0/0 gateway=192.168.0.1
add dst-address=0.0.0.0/0 gateway=93.156.56.254
4

At last it works!, seeing you example I see that I had not written the “Src. Address=10.0.0.0/24” in action "Mark routing "
Thank you very much!