Since I hope that someone will eventually look into my problem I am posting the configuration of my router:
# mar/23/2021 02:01:41 by RouterOS 6.48.1
# software id = V2G1-I8S1
#
# model = 951Ui-2HnD
# serial number = 45880238E3C3
/interface ethernet
set [ find default-name=ether1 ] comment=ISP1
set [ find default-name=ether2 ] comment=ISP2
set [ find default-name=ether3 ] comment=LAN
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool2 ranges=192.168.1.150-192.168.1.254
/ip dhcp-server
add address-pool=dhcp_pool2 disabled=no interface=ether3 lease-time=3h name=\
dhcp1
/system logging action
add email-to=
xxxxxxxxxxxx@gmail.com name=Email target=email
/ip settings
set tcp-syncookies=yes
/ip address
add address=192.168.1.1/24 interface=ether3 network=192.168.1.0
add address=192.168.2.5/24 interface=ether1 network=192.168.2.0
add address=192.168.3.5/24 interface=ether2 network=192.168.3.0
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.1.1 \
ntp-server=216.239.35.0,216.239.35.4
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip firewall address-list
add address=192.168.1.2-192.168.1.254 list=allowed_to_router
add address=0.0.0.0/8 comment=RFC6890 list=not_in_internet
add address=172.16.0.0/12 comment=RFC6890 list=not_in_internet
add address=192.168.0.0/16 comment=RFC6890 list=not_in_internet
add address=10.0.0.0/8 comment=RFC6890 list=not_in_internet
add address=169.254.0.0/16 comment=RFC6890 list=not_in_internet
add address=127.0.0.0/8 comment=RFC6890 list=not_in_internet
add address=224.0.0.0/4 comment=Multicast list=not_in_internet
add address=198.18.0.0/15 comment=RFC6890 list=not_in_internet
add address=192.0.0.0/24 comment=RFC6890 list=not_in_internet
add address=192.0.2.0/24 comment=RFC6890 list=not_in_internet
add address=198.51.100.0/24 comment=RFC6890 list=not_in_internet
add address=203.0.113.0/24 comment=RFC6890 list=not_in_internet
add address=100.64.0.0/10 comment=RFC6890 list=not_in_internet
add address=240.0.0.0/4 comment=RFC6890 list=not_in_internet
add address=192.88.99.0/24 comment="6to4 relay Anycast [RFC 3068]" list=\
not_in_internet
/ip firewall filter
add action=accept chain=forward comment="Allow port forwarding on ISP2" \
connection-nat-state=dstnat connection-state=established,related,new \
connection-type="" log=yes protocol=tcp
add action=drop chain=forward comment=\
"Drop packets from LAN that do not have LAN IP" in-interface=ether3 log=\
yes log-prefix=LAN_!LAN src-address=!192.168.1.0/24
add action=accept chain=forward comment="Established & Related" \
connection-state=established,related
add action=drop chain=forward comment="Drop invalid" connection-state=invalid \
log=yes log-prefix="invalid DROPPED"
add action=drop chain=input comment=Invalid connection-state=invalid
add action=add-src-to-address-list address-list=Over-100-Conn \
address-list-timeout=1d chain=input comment="Connections over 100 for IP" \
connection-limit=100,32 protocol=tcp
add action=tarpit chain=input comment="Drop if over 100 Connections" \
connection-limit=3,32 protocol=tcp src-address-list=Over-100-Conn
add action=add-src-to-address-list address-list=Port-Scan \
address-list-timeout=1d chain=forward comment="Port Scan Hamad" log=yes \
log-prefix="Port Scan Fwd" protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list=Port-Scan \
address-list-timeout=1d chain=input comment="Port Scan Hamad" log=yes \
log-prefix="Port Scan Input" protocol=tcp psd=21,3s,3,1
add action=drop chain=input comment="Drop Port Scan Hamad" src-address-list=\
Port-Scan
add action=drop chain=forward comment="Drop Port Scan Hamad" \
src-address-list=Port-Scan
add action=jump chain=forward comment="SYN Flood protect FORWARD" \
connection-state=new jump-target=syn-attack protocol=tcp tcp-flags=syn
add action=jump chain=input comment="SYN Flood protect INPUT" \
connection-state=new jump-target=syn-attack protocol=tcp tcp-flags=syn
add action=accept chain=syn-attack connection-state=new limit=400,5:packet \
protocol=tcp tcp-flags=syn
add action=drop chain=syn-attack connection-state=new log=yes log-prefix=\
"Syn Flood Drop" protocol=tcp tcp-flags=syn
add action=accept chain=input comment=Ping protocol=icmp
add action=drop chain=forward comment=\
"ISP1 Drop incoming from internet which is not public IP" in-interface=\
ether1 log=yes log-prefix=!public src-address-list=not_in_internet
add action=drop chain=forward comment=\
"ISP2 Drop incoming from internet which is not public IP" in-interface=\
ether2 log=yes log-prefix=!public src-address-list=not_in_internet
add action=accept chain=input comment="LAN Traffic" src-address-list=\
allowed_to_router
add action=accept chain=input comment=Gmail src-address=74.125.141.108 \
src-address-list=""
add action=drop chain=input comment="Drop All other ISP1" in-interface=ether1
add action=drop chain=input comment="Drop All other ISP2" in-interface=ether2
add action=drop chain=forward comment=\
"ISP1 Drop incoming packets that are not NATted" connection-nat-state=\
!dstnat connection-state=new disabled=yes in-interface=ether1 log=yes \
log-prefix=!NAT
add action=drop chain=forward comment=\
"ISP2 Drop incoming packets that are not NATted" connection-nat-state=\
!dstnat connection-state=new disabled=yes in-interface=ether2 log=yes \
log-prefix=!NAT
add action=drop chain=forward comment=\
"Drop tries to reach not public addresses from LAN" disabled=yes \
dst-address-list=not_in_internet in-interface=ether3 log=yes log-prefix=\
!public_from_LAN out-interface=!ether3
add action=drop chain=input comment="drop ftp brute forcers" disabled=yes \
dst-port=21 protocol=tcp src-address-list=ftp_blacklist
add action=accept chain=output content="530 Login incorrect" disabled=yes \
dst-limit=1/1m,9,dst-address/1m protocol=tcp
add action=add-dst-to-address-list address-list=ftp_blacklist \
address-list-timeout=3h chain=output content="530 Login incorrect" \
disabled=yes protocol=tcp
add action=drop chain=input comment="drop ssh brute forcers" disabled=yes \
dst-port=22 protocol=tcp src-address-list=ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist \
address-list-timeout=1w3d chain=input connection-state=new disabled=yes \
dst-port=22 protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 \
address-list-timeout=1m chain=input connection-state=new disabled=yes \
dst-port=22 protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 \
address-list-timeout=1m chain=input connection-state=new disabled=yes \
dst-port=22 protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 \
address-list-timeout=1m chain=input connection-state=new disabled=yes \
dst-port=22 protocol=tcp
add action=drop chain=forward comment="drop ssh brute downstream" disabled=\
yes dst-port=22 protocol=tcp src-address-list=ssh_blacklist
/ip firewall mangle
add action=accept chain=prerouting dst-address=192.168.2.0/24
add action=accept chain=prerouting dst-address=192.168.3.0/24
add action=mark-connection chain=prerouting connection-mark=no-mark \
dst-address-type=!local in-interface=ether3 new-connection-mark=WAN1 \
passthrough=yes per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting connection-mark=no-mark \
dst-address-type=!local in-interface=ether3 new-connection-mark=WAN2 \
passthrough=yes per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=WAN1 in-interface=\
ether3 new-routing-mark=ether1-mark passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2 in-interface=\
ether3 new-routing-mark=ether2-mark passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1 new-routing-mark=\
ether1-mark passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2 new-routing-mark=\
ether2-mark passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark \
in-interface=ether1 new-connection-mark=WAN1 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark \
in-interface=ether2 new-connection-mark=WAN2 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat out-interface=ether2
add action=masquerade chain=srcnat comment="DVR1 Local Access" dst-address=\
192.168.1.71 dst-port=67-68 out-interface=ether3 protocol=tcp \
src-address=192.168.1.0/24
add action=masquerade chain=srcnat comment="DVR2 Local Access" dst-address=\
192.168.1.72 dst-port=67-68 out-interface=ether3 protocol=tcp \
src-address=192.168.1.0/24
add action=dst-nat chain=dstnat comment=DVR1 dst-address-type="" dst-port=\
67-68 in-interface=ether2 log=yes protocol=tcp src-port="" to-addresses=\
192.168.1.71 to-ports=67-68
add action=dst-nat chain=dstnat comment=DVR2 dst-address-type="" dst-port=\
54-56 log=yes protocol=tcp src-address=192.168.3.5 src-port="" \
to-addresses=192.168.1.72 to-ports=67-68
add action=dst-nat chain=dstnat comment=PBX1 disabled=yes dst-port=35356 \
in-interface=ether2 protocol=tcp to-addresses=192.168.1.29 to-ports=5060
add action=dst-nat chain=dstnat comment="DSP2 DSP" disabled=yes dst-port=\
16000-16511 in-interface=ether2 protocol=tcp to-addresses=192.168.1.30 \
to-ports=16000-16511
add action=dst-nat chain=dstnat comment=DVR1-Local disabled=yes dst-port=\
73-74 in-interface=ether2 protocol=tcp to-addresses=192.168.1.71 \
to-ports=67-68
add action=dst-nat chain=dstnat comment=DVR2-Local disabled=yes dst-port=\
75-76 in-interface=ether2 protocol=tcp to-addresses=192.168.1.72 \
to-ports=70-71
/ip route
add check-gateway=ping distance=1 gateway=192.168.2.1 routing-mark=\
ether1-mark
add check-gateway=ping distance=1 gateway=192.168.3.1 routing-mark=\
ether2-mark
add distance=1 gateway=192.168.3.1
add distance=1 gateway=192.168.2.1
add check-gateway=ping distance=1 dst-address=8.8.4.4/32 gateway=192.168.2.1
add check-gateway=ping distance=1 dst-address=8.8.8.8/32 gateway=192.168.3.1
/ip service
set telnet disabled=yes
set ssh disabled=yes
/system clock
set time-zone-name=Europe/Athens
/system identity
set name=VI
/system logging
add action=Email prefix="Mikrotik Router VI" topics=critical
/system ntp client
set enabled=yes primary-ntp=216.239.35.0 secondary-ntp=216.239.35.8
/tool bandwidth-server
set enabled=no
/tool e-mail
set address=74.125.141.108 from=
xxxxxxxxxx@gmail.com password=\
xxxxxxxxxx* port=587 start-tls=yes user=
xxxxxxxxxxx@gmail.com
/tool netwatch
add down-script="ip route disable [find dst-address=0.0.0.0/0 gateway=192.168.\
2.1]\r\
\n:log error \"ISP1 is down\"\r\
\n/ip firewall connection remove [find]" host=8.8.4.4 interval=10s \
timeout=800ms up-script="ip route enable [find dst-address=0.0.0.0/0 gatew\
ay=192.168.2.1]\r\
\n:log warning \"ISP1 is up\""
add down-script="ip route disable [find dst-address=0.0.0.0/0 gateway=192.168.\
3.1]\r\
\n:log error \"ISP2 is down\"\r\
\n/ip firewall connection remove [find]" host=8.8.8.8 interval=10s \
timeout=800ms up-script="ip route enable [find dst-address=0.0.0.0/0 gatew\
ay=192.168.3.1]\r\
\n:log warning \"ISP2 is up\""
Still hoping that someone willhelp me out.....