Community discussions

MikroTik App
 
albart
just joined
Topic Author
Posts: 2
Joined: Sun Jun 14, 2020 3:05 pm

Connect to VPN over 2 Internet connections

Sun Jun 14, 2020 3:27 pm

Hello,

I need some help to setup the routing rules of this scenario because I don't get it.

This is my setup:

Addresses:
  • eth0, LAN, 10.0.0.0/24
  • PPPoE1, PPPoE with ISP 1 (connected in eth1), public ip address 1
  • PPPoE2, PPPoE with ISP 2 (connected in eth2), public ip address 2
  • ovpn-client pool, 192.168.10.0/24

Firewall:
  • input rule for open vpn port
  • nat masquerade on PPPoE2
  • nat masquerade on PPPoE1
  • mangle prerouting rule to mark traffic from 10.0.0.50 with isp1 mark

Routing:
  • 0.0.0.0/0 using PPPoE2
  • 0.0.0.0/0 using PPPoE1 if isp1 mark

The problem is:
  • When I connect to VPN using the public ip of ISP 2 I can go in and everything works except that I cannot connect to 10.0.0.50.
  • When I try to connect to VPN using the public ip of ISP 1, I cannot.

What I want is:
  • Keep default gateway using ISP 2
  • Keep outgoing traffic (not local or VPN) of 10.0.0.50 using ISP 1
  • Connect to VPN using either ISP 1 or ISP 2
  • Once connected to VPN, be able to connect to any host in VPN or LAN

I've been trying to mark traffic using mangle rules but I cannot get it. May be using routing policies? Any ideas, please?

Thanks in advance.

Regards.
 
albart
just joined
Topic Author
Posts: 2
Joined: Sun Jun 14, 2020 3:05 pm

Re: Connect to VPN over 2 Internet connections  [SOLVED]

Sat Jun 20, 2020 3:35 pm

Hello,

I got the solution.

Firewall:
  • Changed mangle prerouting rule to add routing mark to traffic from 10.0.0.50 and destination not 192.168.10.0/24 with isp1 routing mark
  • Added mangle input rule to add connection mark to traffic from PPPoE1 without connection mark with vpn1 connection mark
  • Added mangle ouput rule to add routing mark to traffic with connection mark vpn1 with isp1 routing mark
 
User avatar
diego73
newbie
Posts: 26
Joined: Tue Feb 12, 2019 8:22 pm
Location: ciudad de buenos aires, argentina

Re: Connect to VPN over 2 Internet connections

Tue Jun 22, 2021 9:25 pm

Hi albart!

can u help me with this post

viewtopic.php?f=13&t=176098

thanks!

Who is online

Users browsing this forum: fragment, Semrush [Bot], smirgo and 87 guests