I have 2 WAN Connections (i.e. ISP1 & ISP2). ISP1 is the default and ISP2 is the failover. I have routed some specific device through ISP2 (add action=lookup-only-in-table src-address=192.168.0.111/32 table=ISP2 & add comment=ISP2 DefaultRoute distance=1 gateway=192.168.11.1 routing-mark=ISP2).
Also i have a L2TP/IPSec VPN Client. How can i access the above device (192.168.0.111) through the VPN Tunnel? I have tried creating a static route to the VPN Client (192.168.55.2) via the L2TP Interface as Gateway with routing mark ISP2 and it seems to work until i disconnect and reconnect to the VPN Server. Then the Gateway turns to unknown and i have to recreate the static route.
Several issues… the device will likely go out WAN2 regardless if the device originating traffic or returning traffic from some external entity as its routing is done via routing rules and the specific table
Suggest that there are several possibilities to explore.
- add an additional routing rule BEFORE the one forcing traffic to WAN2.
add action=lookup-only-in-table src-address=192.168.0.111.32 dst address=VPNsubnet table=MAIN
add action=lookup-only-in-table src-address=192.168.0.111/32 table=ISP2
If this was a problem for more than one device (as this will work for any subnet user/device…
add action=lookup-only-in-table dst address=VPNsubnet table=MAIN
add action=lookup-only-in-table src-address=192.168.0.111/32 table=ISP2
The above assumes that the L2 ispec etc.. remote entry is over WAN1…
- The other possibility is to mangle traffic… I would go this route if the issue was ensuring incoming wan2 traffic needed to go out WAN2, but in your case, the traffic is incoming on WAN1.