Community discussions

MikroTik App
 
Diego83
just joined
Topic Author
Posts: 2
Joined: Wed Apr 14, 2021 4:45 pm

2 wan 2 lan

Wed Apr 14, 2021 4:58 pm

Hi, I have configured a RB2011 with 2 WAN and 2 LAN. Configuration below works fine. I also need to remote connect via winbox to RB2011. When i try to connect to public address doen't work. It does work only wiith 1 WAN but not with 2 WANs. What's wrong?

/ip firewall filter rules
add action=accept chain=input comment="Accetto traffico porta 8192" dst-port=8192 protocol=tcp
/ip firewall mangle
add action=mark-routing chain=prerouting new-routing-mark=LAN1_to_WAN1 passthrough=yes src-address=192.168.10.0/24
add action=mark-routing chain=prerouting new-routing-mark=LAN2_to_WAN2 passthrough=yes src-address=192.168.20.0/24
/ip firewall nat
add action=masquerade chain=srcnat comment=WAN1 out-interface=ether1-WAN1
add action=masquerade chain=srcnat comment=WAN2 out-interface=ether10-WAN2
/ip route
add distance=1 gateway=x.x.x.x routing-mark=LAN1_to_WAN1
add distance=1 gateway=y.y.y.y routing-mark=LAN2_to_WAN2
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 6842
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: 2 wan 2 lan

Sat Apr 17, 2021 2:30 am

No idea why you are showing pre-routing.
The only thing I can say is that attempting to open a door to the router via your winbox port is unsafe and should be avoided.
If you need access to the router externally, then the proper way is via a VPN tunnel to the LAN side and then access the router from the LAN.

There is a shortcut way that although not recommended is still way better than what you have proposed.
https://wiki.mikrotik.com/wiki/Port_Knocking

The example shows two but most people Ive seen make it 3 or four port knocks..............
Would post your config here before attempting just use fake port numbers for that, but its important to get your input chain rules correct.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!
 
Eduardo25
just joined
Posts: 9
Joined: Fri Mar 12, 2021 11:49 pm

Re: 2 wan 2 lan

Sat Apr 17, 2021 7:46 am

use the mac address for the meantime
 
Diego83
just joined
Topic Author
Posts: 2
Joined: Wed Apr 14, 2021 4:45 pm

Re: 2 wan 2 lan

Mon Apr 19, 2021 10:39 am

I would like to start with simple things. What is missing in the firewall filter rule to make it work? Once it works I can try to implement a vpn to access the router
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 6842
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: 2 wan 2 lan

Mon Apr 19, 2021 3:41 pm

Sorry I dont help config security holes.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!

Who is online

Users browsing this forum: Bing [Bot], Majestic-12 [Bot], ste and 86 guests