Here is my setup: RB750Gr3 running 6.42rc46, PPPoE WAN connection, NAT with fasttrack enabled, and an L2TP client for selective NAT routing.
Config:
/ip firewall filter
add action=fasttrack-connection chain=forward comment="fasttrack non-vpn" connection-state=established,related \
    in-interface=!l2tp-out out-interface=!l2tp-out
add action=accept chain=forward comment="non-fasttrack fallover" connection-state=established,related
/ip firewall mangle
add action=mark-routing chain=prerouting comment=MARK-VPN-OUT1 new-routing-mark=USA-OUT passthrough=yes \
    src-address=192.168.137.104
add action=mark-routing chain=prerouting comment=MARK-VPN-OUT2 new-routing-mark=USA-OUT passthrough=yes \
    src-address=192.168.137.100
/ip firewall nat
add action=masquerade chain=srcnat comment="NAT enable" out-interface=pppoe-out
add action=masquerade chain=srcnat comment="l2tp NAT" out-interface=l2tp-out
Because fasttrack is not working with mangling properly, I've negated the l2tp client in the in/out interface setting (marked in red), in the fasttrack firewall rule. Is that the best way to do this? It sure does fix the VPN speed.
I've tried routing-mark=!USA-OUT or routing-mark=main, but the rule didn't work; the VPN still doesn't work properly, getting 1 Mbps instead of 50 Mbps.
Any advice?