Community discussions

MikroTik App
 
maudam
just joined
Topic Author
Posts: 9
Joined: Tue Dec 21, 2021 8:26 pm

Two wan with separate access for internal and guests and automatic failover

Wed Apr 06, 2022 5:18 pm

Hi all,

i was thinking about a mikrotik hex s to accomplish this:

2 wan access (isp routers connected to mikrotik)
wan access 01 to use for internal network (cabled and wifi)
wan access 02 to use for guest network (wifi)

lan 1 (internal) wireless + cabled
lan 2 (guests) wireless + cabled
AP for internal and guest networks are already in place and are NOT mikrotik. We will change them in the future.
2 ap for internal and 2 ap for guest.

Actually all APs are connected to a single switch but i'll add one dedicated
Is there a way to add automatic fault tolerance to this setup ?
In case wan 01 goes down all traffic flow via WAN 02 and the other way around

Thanks
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19117
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Two wan with separate access for internal and guests and automatic failover

Wed Apr 06, 2022 5:41 pm

Do the APs read vlans?
If so no need to change unless you are planning on getting wifi6 APs which MT does not have yet.

If the APs do not read vlans then you cannot use the same AP to serve both home and guests.
If you have separate APs, then only need that managed switch to ensure right vlans go to the right APs.

So the answer is yes.
 
maudam
just joined
Topic Author
Posts: 9
Joined: Tue Dec 21, 2021 8:26 pm

Re: Two wan with separate access for internal and guests and automatic failover

Thu Apr 07, 2022 12:31 am

anav, thanks for your reply.

The most important question is:

Is there a way to add automatic fault tolerance for WANs to this setup ?
In case wan 01 goes down all traffic flow via WAN 02 and the other way around
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19117
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Two wan with separate access for internal and guests and automatic failover

Thu Apr 07, 2022 1:20 am

As stated the answer is yes, and quite easily since your are targetting whole subnets, very easy to do.
The most efficient logic is to Create TWO STANDARD ROUTES
WAN1 - primary distance =5 check-gateway=ping
WAN2 - secondary distance=10 check-gateway=ping

Thus all traffic will be initially directed to WAN1, the check gateway command does two things if WAN1 goes down and the route is not available traffic will switch to WAN2 and the router will keep checking to see if WAN1 is available. Hence for one subnet all the work is done!! (home)

However we have the second subnet to deal with (guests).
In this case we create an exact copy of WAN2 but with a specific table and a specific routing rule.
The routing rule basically says for SubnetX, take two actions ( lookup, OR lookup-only-in-table).

IF we chose the latter, when WAN2 is not available, all traffic from guests would be dropped and not be sent to WAN1
IF we chose the former, when WAN2 is not available the router will search for another available route and find WAN1

What version of RoS are you using??

Who is online

Users browsing this forum: VinceKalloe and 47 guests