ok the other stuff works now the only problem i have now left is when my accountant logs on my internet banking www.absa.co.za and enters credentials usernam pass ect... and enters it logs him out automatically and tells us we changed ip addresses between auth and login? so i know pcc splits traffice but why does it split my web traffice when im authenticating on the web?

Most likely it is different connection probably to different server. You can make your setup so that secure connections is always going only over one gateway.

ok how would i accomplish that?

simply mark all tcp/443 traffic and route it always over one gateway.

can u pleas post code?

here is link to mangle:
http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Mangle

also, you can check examples and forums,there are lot of examples that use mangle, routing marks.

but i need to add it to my mangle i tryed my best but failed here is how my mangel are looking now!

, I - invalid, D - dynamic
0 chain=input action=mark-connection new-connection-mark=wan1_conn passthrough=no in-interface=ether3-NEOTEL

1 chain=input action=mark-connection new-connection-mark=wan2_conn passthrough=no in-interface=ether1-mweb

2 chain=input action=mark-connection new-connection-mark=wan3_conn passthrough=no in-interface=ether2-is

3 chain=output action=mark-routing new-routing-mark=to_wan1 passthrough=no out-interface=ether3-NEOTEL connection-mark=wan1_conn

4 chain=output action=mark-routing new-routing-mark=to_wan2 passthrough=no out-interface=ether1-mweb connection-mark=wan2_conn

5 chain=output action=mark-routing new-routing-mark=to_wan3 passthrough=no out-interface=ether2-is connection-mark=wan3_conn

6 chain=prerouting action=accept dst-address=41.160.177.0/29 in-interface=ether10-lan

7 chain=prerouting action=accept dst-address=41.134.110.0/28 in-interface=ether10-lan

8 chain=prerouting action=accept dst-address=196.212.100.0/28 in-interface=ether10-lan

9 chain=prerouting action=mark-connection new-connection-mark=wan1_conn passthrough=yes connection-state=new protocol=tcp in-interface=ether3-NEOTEL
dst-port=20-25,80-89,443,3000,3203-3206,5900-5935,6000-6020,7000,8080-8082

10 chain=prerouting action=mark-connection new-connection-mark=wan1_conn passthrough=yes connection-state=new protocol=tcp in-interface=ether3-NEOTEL
dst-port=2040-2050,6000-6020,6080,6500-6501,9091,8061,88-89,881

11 chain=prerouting action=mark-connection new-connection-mark=wan1_conn passthrough=yes connection-state=new protocol=tcp in-interface=ether3-NEOTEL dst-port=143,110,5999,10000

12 chain=prerouting action=mark-connection new-connection-mark=wan2_conn passthrough=yes connection-state=new protocol=tcp in-interface=ether1-mweb
dst-port=20-25,80-89,443,3000,3203-3206,5900-5935,6000-6020,7000,8080-8082

13 chain=prerouting action=mark-connection new-connection-mark=wan2_conn passthrough=yes connection-state=new protocol=tcp in-interface=ether1-mweb
dst-port=2040-2050,6000-6020,6080,6500-6501,9091,8061,88-89,881

14 chain=prerouting action=mark-connection new-connection-mark=wan2_conn passthrough=yes connection-state=new protocol=tcp in-interface=ether1-mweb dst-port=143,110,5999,10000

15 chain=prerouting action=mark-connection new-connection-mark=wan3_conn passthrough=yes connection-state=new protocol=tcp in-interface=ether2-is
dst-port=2040-2050,6000-6020,6080,6500-6501,9091,8061,88-89,881

16 chain=prerouting action=mark-connection new-connection-mark=wan3_conn passthrough=yes connection-state=new protocol=tcp in-interface=ether2-is
dst-port=20-25,80-89,443,3000,3203-3206,5900-5935,6000-6020,7000,8080-8082

17 chain=prerouting action=mark-connection new-connection-mark=wan3_conn passthrough=yes connection-state=new protocol=tcp in-interface=ether2-is dst-port=143,110,5999,10000

18 chain=prerouting action=mark-connection new-connection-mark=wan1_conn passthrough=no dst-address=192.168.88.2 in-interface=ether10-lan

19 chain=prerouting action=mark-connection new-connection-mark=wan2_conn passthrough=no dst-address=192.168.88.2 in-interface=ether10-lan

20 chain=prerouting action=mark-connection new-connection-mark=wan3_conn passthrough=no dst-address=192.168.88.2 in-interface=ether10-lan


21 chain=prerouting action=mark-connection new-connection-mark=wan1_conn passthrough=yes dst-address-type=!local in-interface=ether10-lan connection-mark=no-mark
per-connection-classifier=both-addresses:3/0

22 X chain=prerouting action=mark-connection new-connection-mark=wan2_conn passthrough=yes dst-address-type=!local in-interface=ether10-lan connection-mark=no-mark
per-connection-classifier=both-addresses:3/1

23 X chain=prerouting action=mark-connection new-connection-mark=wan3_conn passthrough=yes dst-address-type=!local in-interface=ether10-lan connection-mark=no-mark
per-connection-classifier=both-addresses:3/2

24 chain=prerouting action=mark-routing new-routing-mark=to_wan1 passthrough=yes in-interface=ether10-lan connection-mark=wan1_conn

25 chain=prerouting action=mark-routing new-routing-mark=to_wan2 passthrough=yes in-interface=ether10-lan connection-mark=wan2_conn

26 chain=prerouting action=mark-routing new-routing-mark=to_wan3 passthrough=yes in-interface=ether10-lan connection-mark=wan3_conn
-- [Q quit|D dump|up|down]

so i don't know where i can add the rule to force 443 throw one interface and how must my rule look?