How to get 2 lan with 2 wan

Thu Oct 15, 2009 12:24 am

Hi people!
please excuse my english...

the thing is, I have a PC with routerOS 3.28
the escenario:
I have a lan network ( which is going out by the ISP1, this one is working perfectly.

I have another network (like a DMZ) and I want this network go out to ISP2 on the same RouterOS-PC

the first problem is that i cann't do ping to the ISP2 public ip address from outside, but if i connect the cable to a windows machine, and configure the settings for this ISP2 i do ping without problem. so, I think I'm doing something wrong.

I dont need balancing I just need two networks... >>> ISP1 and >>> ISP2, and then I will have ISP2 >> NAT working.

thank you!
Re: How to get 2 lan with 2 wan

Tue Oct 20, 2009 11:14 pm

using pre routing marks, tag based on src-address

set default routes based on prerouting mark
Re: How to get 2 lan with 2 wan

Wed Oct 21, 2009 3:44 am

Basically you have three sources to account for:

- DMZ (This means the DMZ only consits of one Server and the router !?)
- The router itself

I would use three routers in this case:
ISP1 --- --- NAT-Router ---- -+    +-- --- PCs
                                                               |    |
                                                               |    |
ISP2 --- ---- Router ------- -+    +-- --- Server

So, why not do this directly in RouterOS?
One simple reason: With policy routing (which bellis mentioned) you always need to enter the gateway IPs, but you never know when your ISP gets in the mood of changing it's gateways IP and suddenly everything stops working.
To prevent this I would put two routers in front and in RouterOS then reference their LAN-IPs :)

And now on to policy based routing:

Go into IP > Firewall > Mangle and add a new rule:

Chain: prerouting
Src. address:
Action: mark routing -> dmz-traffic

Then go into IP > Routes and add a new route:
Gateway: (for my example from above)
Routing mark: dmz-traffic

That should do the trick.

Best regards


