I've successfully configured VRRP+OSPF with two RB2011UAS and everything works brilliant for connections from my network. But I have trouble with incoming connections when both routers are working.
Virtual GW IP: 192.168.88.1
RB1 IP(master VRRP): 192.168.88.2
RB2 IP(backup VRRP): 192.168.88.3
Server IP: 192.168.88.210
I've set dstnat rules to Server from WAN on both RB. If connection initiates through RB1 it will work but when it starts through RB2 I've got situation when RB2 sends SYN packet directly to Server (because 192.168.88.0/24 is connected route for RB2) but Server sends SYN+ACK packet through RB1 (which owns 192.168.88.1 as master VRRP) and connection terminates.
How can I configure routers to handle incoming connections correctly?