Community discussions

MUM Europe 2020
just joined
Topic Author
Posts: 13
Joined: Sun Oct 13, 2013 6:21 am

Config help - 2 WAN + LAN + VPN + DMZ

Sun Oct 13, 2013 7:09 am

I have a RB750GL. I have 2 WANs. One is a FTTH 60MBPS with PPTP and the other is a ADSL 8MBPS with PPPoE.

I am just a beginner and not very experienced in Mikrotik. I can read tutorials and follow them, but when it comes to IP Tables, I am not good enough to create my own rules that work. I know that the configuration I need is a complicated one, but this is what I need to setup. I have tried tried and tried, but I am unable to get even the basics going with my setup, and am at my wits end...

1. I would like the 2 WANs to be configured in active-active mode so that traffic flows through the FTTH connection only, and transparently fails over to the ADSL, and again transparently failsback to FTTH (The FTTH connection's PPTP server has poor uptime). It would be nice to have an email alert when any of this happens.

2. I also have a VPN (I can do PPTP or OpenVPN). Traffic from specific devices MUST go out via the VPN (or else fail if the VPN is down). These specific devices need to get a static IP from the DHCP server. These specific devices should be able to access the other machines on the LAN (e.g. my NAS). The VPN should also connect via the failover WAN if the primary WAN is down.

3. I have a small NetTop serving out HTTP/HTTPS that I want to put into a properly isolated DMZ. All ports should get forwarded into the DMZ. Some specific ports (SSH) need to get forwarded from the WAN to a machine (Static IP) I have on the LAN. If the server in the DMZ is broken into, I definitely dont want my LAN to be accessible.

4. I want to throttle the DMZ network so that it does not hog all the bandwidth I have. It would be nice if I can turn the throttling off (or on) without rebooting the router, but this is not a must-have.

5. I need a PPTP or OpenVPN server so that I can access the LAN (e.g. my NAS and my security camera) via the internet when travelling

6. I need the bandwidth utilization logged (on the WANs/DMZ/LAN/VPN) so that I can see how much of the 'quota' I have used every day / month (so that I can upgrade the plan as needed)

7. Administering the MikroTik box should be possible only from the LAN. Preferably via HTTPS.

I am just a beginner on Mikrotik, and am not able to get any of this going. I have spent a lot of time reading the tutorials, but when I combine them all into a single config, everything appears to falls apart.

Any help someone can give me with the configuration would really be wonderful.

BTW, if the configuration works well, I plan to get a RB1100AHx2 so that I get full throughput on the WAN and the VPN.


Who is online

Users browsing this forum: solarsensei and 34 guests