Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

use second Wan Only to go outside for one ip

Locked
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

use second Wan Only to go outside for one ip

Fri Sep 28, 2018 4:20 pm

hi,

i have two wan :
Wan1: 192.168.1.254
Wan2: 192.168.88.1
Wan1 is my adsl box, wan2 LTE router board:
i have 2 rule nat and one mangle rule:
;;; Access au net par lte
chain=prerouting action=mark-routing new-routing-mark=to-Wa2 passthrough=yes src-address-list=Alow-wan2 dst-address-list="" log=no
log-prefix=""
/////////////////////////////nat///////////////////////////
;;; WAN2
chain=srcnat action=masquerade out-interface=ether3 log=no log-prefix=""

1 ;;; defconf: masquerade
chain=srcnat action=masquerade out-interface-list=WAN log=no log-prefix=""
///////////////////////////////////////route crs125/////////////////////
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S 0.0.0.0/0 192.168.88.1 1
1 A S 0.0.0.0/0 192.168.1.254 1
2 X S 172.16.0.0/23 192.168.2.106 1
3 ADC 192.168.1.0/24 192.168.1.2 br-Wan 0
4 ADC 192.168.2.0/24 192.168.2.1 br-lan 0
5 ADC 192.168.3.0/24 192.168.3.1 br_domotique 0
6 X S 192.168.4.0/24 192.168.2.250 1
7 ADC 192.168.88.0/24 192.168.88.252 ether3
/////////////////////////////////router lte ////////////////////////////
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADS 0.0.0.0/0 lte1 1
1 ADC 10.60.139.139/32 10.60.139.139 lte1 0
2 A S 192.168.1.0/24 bridge 1
3 A S 192.168.2.0/24 bridge 1
4 ADC 192.168.88.0/24 192.168.88.1 bridge 0
i have some kind problem with this configuration, i can t access to 192.168.1.254 disque share , no route.
i would like my adress-list allow-Wan2 use wan2 only for internet or ftp .

thank you
BR
Top
 
User avatar
Anumrak
Forum Guru
Forum Guru
Posts: 1174
Joined: Fri Jul 28, 2017 2:53 pm

Re: use second Wan Only to go outside for one ip

Fri Sep 28, 2018 4:27 pm

Just create more specific nat rule above the first one.
Top
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

Re: use second Wan Only to go outside for one ip

Fri Sep 28, 2018 6:35 pm

hi , thank you

can you give me an example

i m newbies
br
Top
 
User avatar
AminYounessi
Trainer
Trainer
Posts: 55
Joined: Wed Nov 23, 2016 7:39 am

Re: use second Wan Only to go outside for one ip

Sun Sep 30, 2018 1:47 pm

Hi,

You jut need to specify "new-routing-mark=to-Wa2" under the second default route for the ISP2/ routing mark option.

Best Regards,
Top
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

Re: use second Wan Only to go outside for one ip

Sun Sep 30, 2018 8:20 pm

hi,
i try to change nat invert rule one with rule two:

Don t work.

i change mangle rule like this:
1 X ;;; Access au lan
chain=prerouting action=mark-routing new-routing-mark=to-lan passthrough=yes src-address-list=Alow-wan2 dst-address-list="" log=no log-prefix=""

2 ;;; web
chain=prerouting action=mark-routing new-routing-mark=to-Web passthrough=no protocol=tcp src-address-list=Alow-wan2 dst-port=80 log=no
log-prefix=""

3 ;;; web
chain=prerouting action=mark-routing new-routing-mark=to-Web passthrough=no protocol=tcp src-address-list=Alow-wan2 dst-port=443 log=no
log-prefix=""

4 ;;; web
chain=prerouting action=mark-routing new-routing-mark=to-Web passthrough=no dst-address=185.216.24.203 src-address-list=Alow-wan2 log=no
log-prefix=""

Now i use wan2 only for web ftp and work fine.

But i would like to known how i can configure nat for have an access to lan when i use my first mangle rule.
Just to know for my self.
br
Top
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

Re: use second Wan Only to go outside for one ip

Wed Oct 03, 2018 12:45 pm

Hi,

You jut need to specify "new-routing-mark=to-Wa2" under the second default route for the ISP2/ routing mark option.

Best Regards,
Sorry Amin i don t read correctelly your reply... (stupid froggy :)).

I try today

br
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19363
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: use second Wan Only to go outside for one ip

Wed Oct 10, 2018 5:40 pm

I have no idea how the responders (must be friggen geniuses and mind readers) to your question actually grasp what is being asked here.
There is not enough detail for me to understand your requirements (I must be slow).

1. You have two WANIPs
2. You want all traffic on your network to use WAN1
3. Except you want one IP on your network (one computer or device) to use WAN2.

Is that correct?
Top
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

Re: use second Wan Only to go outside for one ip

Wed Oct 10, 2018 7:32 pm

I have no idea how the responders (must be friggen geniuses and mind readers) to your question actually grasp what is being asked here.
There is not enough detail for me to understand your requirements (I must be slow).

1. You have two WANIPs
2. You want all traffic on your network to use WAN1
3. Except you want one IP on your network (one computer or device) to use WAN2.

Is that correct?
hi anav
Sorry for my english.
i have router CRS125-24G-1S-2HnD , in this routeur i have 2 interface for the wan.
first interface eth1:192.168.1.254 is connect to my adsl-box (internet foruniser)192.168.1.254.
Second interface eth3 :192.168.88.254 is connect to my RouterBOARD wAP R-2nD (LTE 4G)
My Lan :br-lan:192.168.2.x
i create mangle rules like this:
Code: Select all
add action=mark-routing chain=prerouting comment="Access au net par lte" \    disabled=yes dst-address-list="" new-routing-mark=to-Wa2 passthrough=yes \    src-address-list=Alow-wan2
Allow-wan2 is my computer(192.168.2.10)
route
0000/0 gateway 192.168.88.1 reachable eth3 routing mark to-Wa2
0000/0 gateway 192.168.1.254 reachable br-Wan
192.168.1.0/24 gateway reachable br-Wan
192.168.88.0/24 gateway eth3 reachable
With this configuration my computer dont find Lan 192.168.1.254 (adsl-box) and on my box i have hard-drive
i hope you understand ..
thank you
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19363
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: use second Wan Only to go outside for one ip

Wed Oct 10, 2018 8:54 pm

Hi Olivier, no worries take your time to explain.

- Wan 1 - ASDL eth1
- Wan 2 - LTE (cellular) eth3
- ONE network LAN 192.168.2.x

Which is true?
a. You have one device, a PC 192.168.2.10, that you wish ONLY to have access to Wan2
b. You want all devices to use WAN1 (except the PC in a.)
c. You want all devices to have no internet access if WAN1 is not available (no fail over to WAN2)
d. You do not want 192.168.2.10 to use WAN 1 if WAN 2 is not available (no fail over to WAN1)

I am not interested in setup or configuration details until I understand the requirements
Top
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

Re: use second Wan Only to go outside for one ip

Wed Oct 10, 2018 9:45 pm

Hi Olivier, no worries take your time to explain.

- Wan 1 - ASDL eth1
- Wan 2 - LTE (cellular) eth3
- ONE network LAN 192.168.2.x

Which is true?
a. You have one device, a PC 192.168.2.10, that you wish ONLY to have access to Wan2 ok
b. You want all devices to use WAN1 (except the PC in a.) no
c. You want all devices to have no internet access if WAN1 is not available (no fail over to WAN2)ok
d. You do not want 192.168.2.10 to use WAN 1 if WAN 2 is not available (no fail over to WAN1)no
pc 192.168.2.10 can access to all lan

br
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19363
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: use second Wan Only to go outside for one ip

Thu Oct 11, 2018 4:34 am

Nothing is cleared up by your answers.
I have no idea what you are trying to accomplish.
Suggest write up IN DETAIL, with full explanations in your own language and then tell me what language it is and I will use google translate.
Top
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

Re: use second Wan Only to go outside for one ip

Thu Oct 11, 2018 12:50 pm

bonjour ana,

J ai deux connection internet.
je souhaite que le pc 192.168.2.10 utilise la connection Wan2 et que le reste du reseau utilise le Wan1.
Je veux aussi que le pc 192.168.2.10 puisse avoir access au reseau 192.168.1.0/24 car sur la box de mon fournisseur d access internet il y a un disque dur.

merci de pour ta patience.
olivier
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19363
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: use second Wan Only to go outside for one ip

Thu Oct 11, 2018 4:29 pm

Ahhh, Mr. PSG! ;-P Bonjour mon ami! Barca et mon equippe!

Now I understand the third item. You wish to access your providers Router. I have no idea how to do that and not sure what permissions you have?
Personally I would throw their hunk of junk away and simply use the mikrotik but that is probably not possible.

Why do you want access to their hard drive?
Top
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

Re: use second Wan Only to go outside for one ip

Thu Oct 11, 2018 9:55 pm

hi Barca ,

C est possible
En faite la box de mon profider est chez moi et est accessible via 192.168.1.254 (routerbox).
Mon routeur mikrotik a une patte sur le lan de ma box 192.168.1.0/24
Mon lan personnel est 192.168.2.0/24.
depuis mon lan personnel , j ai access au disque dur de la box //192.168.1.254/disque/video.
Par contre mon pc 192.168.2.10 n a plus access au disque lorsqu il utilise la connection cellulaire .Il ne trouve pas la route depuis le LTE mikrotik.(192.168.88.1 pour le lan).
Pour pallier a ce probleme j ai du rajouter une mangle qui indique que si la destination est 192.168.1.254 il doit prendre la route wan1.
Mais je pense que l on peut mieux faire.

bonne soiree mon ami(e)
Top
Locked

Who is online

Users browsing this forum: Bing [Bot], unhuzpt and 61 guests
  4. RouterOS
  5. Beginner Basics