somehow my 2 wan failover does not work anymore. I might changed something in the past and I'm not sure what. I'm sure that both WAN are working fine and has working internet access.
Current always WanTelenor server the internet and if I unplug it, then there is not internet. It does not switch to WAN1.
When I specify the following where 192.168.88.254 is my ip, then I have internet access on WAN1 while others still use WanTelenor:
add action=mark-routing chain=prerouting dst-address=!192.168.87.0/24 new-routing-mark=PrimaryWan passthrough=yes src-address=192.168.88.254 src-address-list=""
The current configuration is the following:
82.000.000.5 -> WAN1 (it is a static ip, so I hide it)
82.000.000.30 -> WAN1 gateway
192.168.87.2 -> WanTelenor
192.168.87.1 -> WanTelenor gateway
Code: Select all
/ip address
add address=82.000.000.5 interface=WAN1 network=82.000.000.30
add address=192.168.87.2 interface=WanTelenor network=192.168.87.1
/ip route
add check-gateway=ping distance=1 gateway=82.000.000.30 routing-mark=PrimaryWan
add check-gateway=ping distance=10 gateway=192.168.87.1
/ip firewall filter
add action=drop chain=input dst-address=82.000.000.5 dst-port=53 protocol=udp
add action=drop chain=input dst-address=82.000.000.5 dst-port=53 protocol=tcp
add action=accept chain=input comment="Accept Established / Related Input" connection-state=established,related
add action=accept chain=input comment="Allow Management Input - 192.168.88.0/24" src-address=192.168.88.0/24
add action=accept chain=input comment="PPTP VPN" dst-port=1723 protocol=tcp
add action=accept chain=input comment="PPTP VPN" dst-port=500 protocol=udp
add action=accept chain=input comment="PPTP VPN" dst-port=1701 protocol=udp
add action=accept chain=input comment="PPTP VPN" dst-port=4500 protocol=udp
add action=accept chain=input comment="PPTP VPN" protocol=ipsec-esp
add action=accept chain=input comment="PPTP VPN" protocol=ipsec-ah
add action=drop chain=input comment="Drop Input" log-prefix="Input Drop"
add action=accept chain=forward comment="Accept Established / Related Forward" connection-state=established,related
add action=accept chain=forward comment="Allow forward traffic LAN >> WAN" out-interface=WAN1 src-address=192.168.88.0/24
add action=accept chain=forward out-interface=bridge1 src-address=192.168.88.0/24
add action=accept chain=forward comment="Allow forward traffic LAN >> WAN" out-interface=WanTelenor src-address=192.168.88.0/24
add action=drop chain=forward comment="Drop Bogon Forward >> Ether1" in-interface=WAN1 log=yes log-prefix="Bogon Forward Drop" src-address-list=Bogon
add action=drop chain=forward comment="Drop Forward"
/ip firewall mangle
add action=accept chain=prerouting dst-address=82.000.000.5 in-interface=WAN1
add action=accept chain=prerouting dst-address=192.168.87.2 in-interface=WanTelenor
add action=mark-routing chain=prerouting comment="Use PrimaryWan connection" dst-address=!192.168.87.0/24 new-routing-mark=PrimaryWan passthrough=yes src-address=192.168.88.254 src-address-list=""
/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN1
add action=masquerade chain=srcnat out-interface=WanTelenor
add action=accept chain=srcnat