Software - 6.47.7
Location - USA (if relevnat)
Existing ISP1 configuration (ISP1 -> RB -> LAN, no DHCP on the RB itself) , adding ISP2 to provide redundancy to existing configuration
ISP 1 Cable modem
ISP 2 - ATT Uverse internet (Uverse modem configured in passthrough mode)
What I did/what I see
1) Plug in ISP2. On Interfaces, I now see I see ISP1 marked "R" (Master) and IPS2 marked "RS" (Slave). not sure why ISP2 got RS.
2) On IP->Addresses , i see
LAN address belonging to interface "bridge1"
ISP1 Address
added ISP2 address based on what Uverse modem issues in passthrough (76.217. etc address for me)
3) Going to IP-Firewall->NAT , trying to allow ISP2 to be used for Out Interface I get message "in/out interface not possible when ISP2 is slave, use master instead "bridge 1")
What am I doing wrong? what should I be doing instead?
What I want is
ISP1 -> LAN
ISP2 -> LAN
no DHCP
thank you!
I exported the current config as well, right now new interfaces is added but no rules are configured. what should I do next?
Code: Select all
/interface bridge
add admin-mac=6C:3B:6B:64:E0:34 auto-mac=no comment=\
"created from master port" name=bridge1 protocol-mode=none
/interface ethernet
set [ find default-name=ether5 ] comment=ATT_WAN name=ATT_Uverse_Internet \
speed=100Mbps
set [ find default-name=ether1 ] comment=WOW_WAN name=WOW_cable_internet \
speed=100Mbps
set [ find default-name=ether2 ] comment="Internal LAN" name=ether2-master \
speed=100Mbps
set [ find default-name=ether3 ] speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
/interface list
add exclude=dynamic name=discover
add name=mactel
add name=mac-winbox
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,pas\
sword,web,sniff,sensitive,api,romon,dude,tikapp"
/interface bridge port
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ATT_Uverse_Internet
add bridge=bridge1 interface=ether2-master
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface detect-internet
set detect-interface-list=all
/interface list member
add interface=bridge1 list=discover
add interface=ether3 list=discover
add interface=ether4 list=discover
add interface=ATT_Uverse_Internet list=discover
add interface=bridge1 list=mactel
add interface=bridge1 list=mac-winbox
/ip address
add address=10.1.1.100/24 comment=defconf interface=bridge1 network=10.1.1.0
add address=76.217.230.243 interface=ATT_Uverse_Internet network=\
76.217.231.255
/ip dhcp-client
add comment=defconf disabled=no interface=WOW_cable_internet
/ip dhcp-server network
add address=10.1.1.0/24 comment=defconf gateway=10.1.1.100 netmask=24
/ip dns
set allow-remote-requests=yes servers=10.1.1.41,9.9.9.9
/ip dns static
add address=10.1.1.100 name=router
/ip firewall filter
add action=drop chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" \
connection-state=established,related
add action=drop chain=input comment="defconf: drop all from WAN" \
in-interface=WOW_cable_internet
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" \
connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface=WOW_cable_internet
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
out-interface=WOW_cable_internet
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/system clock
set time-zone-name=America/Chicago
/system identity
set name=SMR
/system resource irq rps
set WOW_cable_internet disabled=no
set ether3 disabled=no
set ether4 disabled=no
set ATT_Uverse_Internet disabled=no
set ether2-master disabled=no
/tool bandwidth-server
set enabled=no
/tool mac-server
set allowed-interface-list=mactel
/tool mac-server mac-winbox
set allowed-interface-list=mac-winbox