Community discussions

MikroTik App
 
Diego83
just joined
Topic Author
Posts: 2
Joined: Wed Apr 14, 2021 4:45 pm

2 wan 2 lan

Wed Apr 14, 2021 4:58 pm

Hi, I have configured a RB2011 with 2 WAN and 2 LAN. Configuration below works fine. I also need to remote connect via winbox to RB2011. When i try to connect to public address doen't work. It does work only wiith 1 WAN but not with 2 WANs. What's wrong?

/ip firewall filter rules
add action=accept chain=input comment="Accetto traffico porta 8192" dst-port=8192 protocol=tcp
/ip firewall mangle
add action=mark-routing chain=prerouting new-routing-mark=LAN1_to_WAN1 passthrough=yes src-address=192.168.10.0/24
add action=mark-routing chain=prerouting new-routing-mark=LAN2_to_WAN2 passthrough=yes src-address=192.168.20.0/24
/ip firewall nat
add action=masquerade chain=srcnat comment=WAN1 out-interface=ether1-WAN1
add action=masquerade chain=srcnat comment=WAN2 out-interface=ether10-WAN2
/ip route
add distance=1 gateway=x.x.x.x routing-mark=LAN1_to_WAN1
add distance=1 gateway=y.y.y.y routing-mark=LAN2_to_WAN2
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19103
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: 2 wan 2 lan

Sat Apr 17, 2021 2:30 am

No idea why you are showing pre-routing.
The only thing I can say is that attempting to open a door to the router via your winbox port is unsafe and should be avoided.
If you need access to the router externally, then the proper way is via a VPN tunnel to the LAN side and then access the router from the LAN.

There is a shortcut way that although not recommended is still way better than what you have proposed.
https://wiki.mikrotik.com/wiki/Port_Knocking

The example shows two but most people Ive seen make it 3 or four port knocks..............
Would post your config here before attempting just use fake port numbers for that, but its important to get your input chain rules correct.
 
Eduardo25
newbie
Posts: 26
Joined: Fri Mar 12, 2021 11:49 pm

Re: 2 wan 2 lan

Sat Apr 17, 2021 7:46 am

use the mac address for the meantime
 
Diego83
just joined
Topic Author
Posts: 2
Joined: Wed Apr 14, 2021 4:45 pm

Re: 2 wan 2 lan

Mon Apr 19, 2021 10:39 am

I would like to start with simple things. What is missing in the firewall filter rule to make it work? Once it works I can try to implement a vpn to access the router
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19103
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: 2 wan 2 lan

Mon Apr 19, 2021 3:41 pm

Sorry I dont help config security holes.

Who is online

Users browsing this forum: Ahrefs [Bot], Cr4shOnPc, patrikg and 84 guests