Community discussions

MUM Europe 2020
 
fbslim
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 55
Joined: Wed Feb 22, 2012 12:17 pm

3 IPs + 1 Gateway = 3 different routes. Is it possible on one device?

Sat Dec 23, 2017 11:19 am

Hello all!

The situation is...
I need to make 3 vpn connections, that each will have own Internet gateway to specific external IP.

For example:
Internal VPN IP after connect is 192.168.10.115. And it will have external IP 11.11.11.115
Internal VPN IP after connect is 192.168.10.116. And it will have external IP 11.11.11.116

My working example, based on 3 different gateways (and works good):
/ip firewall address-list
add address=192.168.10.0/24 list=Connected
add address=192.168.10.0/24 list=LAN
/ip firewall mangle
add chain=prerouting src-address-list=Connected dst-address-list=Connected action=accept

/ip firewall nat add action=masquerade chain=srcnat out-interface=ether1-gateway src-address=192.168.10.115
/ip route add gateway=11.11.11.65 routing-mark=115
/ip firewall address-list add address=11.11.11.115 list=Connected
/ip firewall mangle add chain=prerouting src-address=11.11.11.115 action=mark-routing new-routing-mark=115
/ip firewall mangle add chain=input connection-mark=no-mark in-interface=ether2-gateway action=mark-connection new-connection-mark=115-ros
/ip firewall mangle add chain=forward connection-mark=no-mark in-interface=ether2-gateway action=mark-connection new-connection-mark=115-lan
/ip firewall mangle add chain=prerouting connection-mark=115-lan src-address-list=LAN action=mark-routing new-routing-mark=115

/ip firewall nat add action=masquerade chain=srcnat out-interface=ether2-gateway src-address=192.168.10.116
/ip route add gateway=11.11.11.66 routing-mark=116
/ip firewall address-list add address=11.11.11.116 list=Connected
/ip firewall mangle add chain=prerouting src-address=192.168.10.116 action=mark-routing new-routing-mark=116
/ip firewall mangle add chain=input connection-mark=no-mark in-interface=ether2-gateway action=mark-connection new-connection-mark=116-ros
/ip firewall mangle add chain=forward connection-mark=no-mark in-interface=ether2-gateway action=mark-connection new-connection-mark=116-lan
/ip firewall mangle add chain=prerouting connection-mark=116-lan src-address-list=LAN action=mark-routing new-routing-mark=116

/ip firewall nat add action=masquerade chain=srcnat out-interface=ether3-gateway src-address=192.168.10.117
/ip route add gateway=11.11.11.67 routing-mark=117
/ip firewall address-list add address=11.11.11.117 list=Connected
/ip firewall mangle add chain=prerouting src-address=192.168.10.117 action=mark-routing new-routing-mark=117
/ip firewall mangle add chain=input connection-mark=no-mark in-interface=ether2-gateway action=mark-connection new-connection-mark=117-ros
/ip firewall mangle add chain=forward connection-mark=no-mark in-interface=ether2-gateway action=mark-connection new-connection-mark=117-lan
/ip firewall mangle add chain=prerouting connection-mark=114-lan src-address-list=LAN action=mark-routing new-routing-mark=117
If we have 3 different gateway (11.11.11.65, 11.11.11.66, 11.11.11.67) for each external IP (11.11.11.115, 11.11.11.116, 11.11.11.117) - all working good, as i need.

BUT! The problem is... that i have only 1 gateway (11.11.11.65) for each external IP (11.11.11.115, 11.11.11.116, 11.11.11.117)...
And all 3 vpn connections get the same 1 external (first of 3) - 11.11.11.115

Is it possible to separate routes to each of IP (11.11.11.115, 11.11.11.116, 11.11.11.117) with 1 gateway (11.11.11.65) ?

Maybe i don't now/undestand something... (
 
User avatar
sebastia
Forum Guru
Forum Guru
Posts: 1796
Joined: Tue Oct 12, 2010 3:23 am
Location: Antwerp, BE

Re: 3 IPs + 1 Gateway = 3 different routes. Is it possible on one device?

Sat Dec 23, 2017 12:53 pm

Have a look at videos for configuration of loadbalanced wans, your problem is similar.
Like for example this one: https://www.google.be/url?sa=t&rct=j&q= ... 51uWEJtRTp

Basically, in IP/Routes configuration you can specify outgoing interface/path.
 
fbslim
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 55
Joined: Wed Feb 22, 2012 12:17 pm

Re: 3 IPs + 1 Gateway = 3 different routes. Is it possible on one device?

Sun Dec 24, 2017 6:16 pm

Have a look at videos for configuration of loadbalanced wans, your problem is similar.
Like for example this one: https://www.google.be/url?sa=t&rct=j&q= ... 51uWEJtRTp

Basically, in IP/Routes configuration you can specify outgoing interface/path.
Not similar. I have 1 wan port and 1 gateway ip...
 
fbslim
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 55
Joined: Wed Feb 22, 2012 12:17 pm

Re: 3 IPs + 1 Gateway = 3 different routes. Is it possible on one device?

Sun Dec 24, 2017 6:17 pm

Have a look at videos for configuration of loadbalanced wans, your problem is similar.
Like for example this one: https://www.google.be/url?sa=t&rct=j&q= ... 51uWEJtRTp

Basically, in IP/Routes configuration you can specify outgoing interface/path.
Not similar. I have 1 wan port and 1 gateway ip...
 
fbslim
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 55
Joined: Wed Feb 22, 2012 12:17 pm

Re: 3 IPs + 1 Gateway = 3 different routes. Is it possible on one device?

Mon Dec 25, 2017 9:58 am

People, can somebody ask?

Who is online

Users browsing this forum: Google [Bot] and 75 guests