Community discussions

MikroTik App
 
anigwei
just joined
Topic Author
Posts: 2
Joined: Mon Jan 07, 2019 9:53 am

Openvpn connection thru backup link

Mon Jan 07, 2019 10:19 am

Hi,

I have attached an old Cisco 880 with 3G connection to my Mikrotik home router, in order to use it as a backup connection only for "incoming" management. (i.e. access router/server when I'm not home).

In the other hand, my routerOS has always an Openvpn connection always stablished to an external server.

My question is: When Internet goes down (primary link), is there any easy way to restablish only the openvpn connection through the 3G WAN? That connection has bandwidth very expensive, so I want it only for management+ssh via the ovpn server, not browsing or internet connection.

I have the default route
1 ADS 0.0.0.0/0 Movistar 1
and then the 3G connection with the routing-mark=sortida-3G
8 ADC 192.168.3.0/30 192.168.3.1 ether5-3G 0

I suppose that I should create a script in the netwatch that marks the openvpn packets with the mark sortida-3G only when the main connection is lost. And when main connection comes again, unmark the packets. Is it the correct way?

Thank you!
 
anigwei
just joined
Topic Author
Posts: 2
Joined: Mon Jan 07, 2019 9:53 am

Re: Openvpn connection thru backup link

Fri Jan 11, 2019 1:34 pm

I answer myself:

Cisco 3G is added as a gateway marked "sortida-3G"
add distance=1 gateway=192.168.3.2 routing-mark=sortida-3G

Then I add a disabled mangle rule:
add action=mark-routing chain=output disabled=yes dst-address=a.b.c.d (ip of vpn server) new-routing-mark=sortida-3G passthrough=yes
This rule is enabled every time Netwatch detects that internet has gone:
/ip firewall mangle enable 6
.. and enabled when netwatch detects internet is back again
/ip firewall mangle disable 6
As openvpn is always running, when internet is down it will try to reconnect, and go through the newly enabled route.

Who is online

Users browsing this forum: holvoetn and 37 guests