Unable to access router from failover WAN IP when primary WAN IP is active, and vice versa.

Hello everyone,

I have 2 ISP’s connected to an RB3011. When the primary ISP is the lowest route distance, I can access the router on that circuit, but I am unable to get a successful ping on the failover, or send out any pings using the /tool ping option on the failover circuit. If I change the route order in RouterOS to where the failover circuit is active, I can then get suffessful pings on the failover, but am unable to access the router on the primary circuits IP, even though the circuit is still online (just not set as primary in the router). Why is this happening? What do I need to do to allow access to the failover IP when the primary circuit is still active?

I’m also noticing that the advanced failover script on the RouterOS Wiki won’t auto change back over to the primary circuit from the failover. I think this is happening because the scrip is unable to successfully ping using the primary gateway.

Any help would be greatly appreciated. Thank you in advance.

RB3011UiAS - RouterOS V 6.44.5 (Long Term)

If you specify an outgoing interface for the ping check that should work, however it will not fix incoming traffic via the failover interface - that requires connection & route marking to return incoming traffic back out of the same interface.

In many cases you can perform failover without scripting - either an interface going inactive for PPPoE and/or a gateway check in the route definition for simple checks, or something more advanced https://wiki.mikrotik.com/wiki/Advanced_Routing_Failover_without_Scripting

Because you ping router from backup IP and he try to respond through active default route!