PBR on packets originated from the router

Posted: Thu Oct 06, 2016 11:30 pm
by lz1dsb
I'm puzzled by the following setup. Currently I have a router that's connected via two ISPs. One of them is primary, the second one is backup. Over the primary ISP I have a static public IP address and I have built an IPsec tunnel to my main router. I would like to have a second tunnel (something simple like PPTP or SSTP), but I would like the router to use the backup line (it does not have a static public IP address assigned).

So in a way it's a routing logic question. The standard routing table points to the primary ISP, and I have created a prerouting mangle rule to mark the PPTP packets and a static route that matches that routing mark and forwards the PPTP traffic over the backup connection. The problem is, I don't see the mangle rule working at all... is this because the traffic is originated by the router? How can I make it work for such traffic?

/ip route
add distance=1 gateway=192.168.1.1 routing-mark=backup

/ip firewall mangle
add action=mark-routing chain=prerouting dst-port=1723 new-routing-mark=backup passthrough=yes protocol=tcp 

Re: PBR on packets originated from the router

Posted: Mon Oct 10, 2016 10:15 am
by lz1dsb
Any ideas... Either I'm missing something, or this is not possible with RouterOS, which would be quite surprising...