So here is a bit of the code for what I did.
This is on an RB1200 with 3 PPPoE dial-ups on ether1, 2, 3. It has a local LAN 192.168.8.1/24 on ether4 and 5 hotspot routers on the 192.168.7.0/24 range on ether5. Also hotspot routers on 192.168.20.0/24.
When using 1 WAN everything routed fine and I could connect from the local LAN to the hotspot boxes, and with a VPN I could also access all the boxes. The Dude map had all the boxes online.
So then I routed some of the hotspot boxes by adding:
chain=prerouting action=mark-routing new-routing-mark=wifi passthrough=no
This picks up all the traffic from the hotspot box 192.168.20.9 and marks it wifi.
Then I added a route:
ip route add dst-address=0.0.0.0/0 gateway="pppoeout2" routing-mark=wifi
(Now that I read it, can a route like this be passed to an interface name "pppoeout2", or is it better to route to the actual IP address? It works, but is it correct?)
So now the hotspot uses the second WAN, but at the same time it is no longer reachable from the local LAN or the VPN connection.
I have set up a NAT masquerade rule for both WANs:
chain=srcnat action=masquerade out-interface=pppoe-out1
chain=srcnat action=masquerade out-interface=pppoe-out2
I have disabled everything in the firewall just for testing, but I can't figure out the missing link.
So what am I missing to allow access to the subnets after adding a mangle rule?
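
An added example, not part of the original post: a small Python model of the route lookup this setup implies, showing which interface a packet leaves by once it carries the wifi routing mark. The connected routes, the main default via pppoe-out1, ether5 for 192.168.20.0/24 and the exclude_local option (a destination exclusion on the mangle rule) are assumptions made for illustration.

```python
import ipaddress

HOTSPOT = "192.168.20.9"   # source address the post says the mangle rule marks
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("192.168.8.0/24", "192.168.7.0/24", "192.168.20.0/24")]

# Constructed routing tables. Connected routes and the main default are assumed;
# the post only shows the default route that carries routing-mark=wifi.
TABLES = {
    "main": [("192.168.8.0/24", "ether4"),
             ("192.168.7.0/24", "ether5"),
             ("192.168.20.0/24", "ether5"),   # assumed interface
             ("0.0.0.0/0", "pppoe-out1")],
    "wifi": [("0.0.0.0/0", "pppoe-out2")],
}

def lookup(table, dst):
    """Longest-prefix match inside one table; None when nothing matches."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway in TABLES[table]:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    return best[1] if best else None

def routing_mark(src, dst, exclude_local):
    """Model of the prerouting mark-routing rule (mark by source only)."""
    if src != HOTSPOT:
        return None
    if exclude_local and any(ipaddress.ip_address(dst) in n for n in LOCAL_NETS):
        return None   # hypothetical variant: local destinations stay unmarked
    return "wifi"

def egress(src, dst, exclude_local=False):
    """Marked packets use their own table first, then fall back to main."""
    mark = routing_mark(src, dst, exclude_local)
    gateway = lookup(mark, dst) if mark else None
    return gateway or lookup("main", dst)

if __name__ == "__main__":
    for excl in (False, True):
        print("exclude_local =", excl)
        for dst in ("192.168.8.10", "8.8.8.8"):
            print("  %s -> %s leaves via %s" % (HOTSPOT, dst, egress(HOTSPOT, dst, excl)))
```

In this model the LAN-to-hotspot direction is unmarked and still uses the connected route; only the hotspot's replies are steered by the wifi table.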