Community discussions

 
fsjis1
just joined
Topic Author
Posts: 5
Joined: Tue Mar 08, 2016 11:21 pm

multi wan and 1:1 nat

Sat Nov 10, 2018 1:28 am

I am looking for help. I have successfully set up a 4 wan pcc, 2 lan setup. but I am now also trying to do a 1:1 on the set up as well. I created the pcc rules such that they only applied to a specific subnet. But when I tried created the 1:1 on a third subnet with no routing marks, I cant get it to work.

Has anyone tried to do this before.

Thanks



# nov/09/2018 15:19:10 by RouterOS 6.43.4
# software id = NCRV-2JVI
#
# model = 850Gx2
# serial number = 4BF1047653D9
/interface ethernet
set [ find default-name=ether5 ] mac-address=6C:3B:6B:39:F8:CC name=\
LocalBreakbillport4
set [ find default-name=ether1 ] mac-address=6C:3B:6B:39:F8:CD name=\
LocalKosloskiport5
set [ find default-name=ether2 ] mac-address=6C:3B:6B:39:F8:C9 name=WAN1
set [ find default-name=ether3 ] mac-address=6C:3B:6B:39:F8:CA name=WAN2
set [ find default-name=ether4 ] mac-address=6C:3B:6B:39:F8:CB name=WAN3
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=10.10.35.2-10.10.35.254
add name=dhcp_pool1 ranges=10.10.32.2-10.10.35.254
add name=Pool1 ranges=192.168.1.2-192.168.1.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=LocalBreakbillport4 name=\
dhcp1
add address-pool=Pool1 disabled=no interface=LocalKosloskiport5 name=dhcp2
/system logging action
set 1 disk-file-name=flash/log
/ip address
add address=10.10.32.1/22 disabled=yes interface=LocalKosloskiport5 network=\
10.10.32.0
add address=10.1.4.4/27 interface=WAN1 network=10.1.4.0
add address=10.1.4.36/27 interface=WAN2 network=10.1.4.32
add address=x.x.x.190/27 interface=WAN3 network=x.x.x.160
add address=10.1.4.98/27 network=10.1.4.96
add address=10.10.35.1/24 interface=LocalBreakbillport4 network=10.10.35.0
add address=192.168.1.1/24 interface=LocalKosloskiport5 network=192.168.1.0
add address=216.215.19.191/27 interface=WAN3 network=x.x.x.160
add address=192.158.89.1/24 interface=LocalBreakbillport4 network=\
192.158.89.0
/ip dhcp-client
add default-route-distance=3 dhcp-options=hostname,clientid interface=WAN3
/ip dhcp-server lease
add address=192.168.89.2 client-id=1:f0:7b:cb:28:5e:28 disabled=yes \
mac-address=F0:7B:CB:28:5E:28 server=dhcp1
/ip dhcp-server network
add address=10.10.32.0/22 dns-server=8.8.8.8 gateway=10.10.32.1
add address=10.10.35.0/24 dns-server=8.8.8.8 gateway=10.10.35.1
add address=192.168.1.0/24 dns-server=8.8.8.8 gateway=192.168.1.1
add address=192.168.89.0/24 dns-server=8.8.8.8 gateway=192.168.89.1
/ip dns
set servers=8.8.8.8
/ip firewall address-list
add address=10.10.32.0/22 list=allowed_users
add address=10.10.35.0/24 list=allowed_users
add address=192.168.1.0/24 list=allowed_users
add address=192.168.89.0/24 list=usere-exempted-from-pcc
/ip firewall mangle
add action=mark-routing chain=prerouting new-routing-mark=1to1 passthrough=\
yes src-address-list=usere-exempted-from-pcc
add action=accept chain=prerouting in-interface=WAN1
add action=accept chain=prerouting in-interface=WAN2
add action=accept chain=prerouting in-interface=WAN3
add action=accept chain=prerouting disabled=yes in-interface=*6
add action=mark-connection chain=prerouting dst-address-type=!local \
in-interface=LocalBreakbillport4 new-connection-mark=WAN1_conn \
passthrough=yes per-connection-classifier=both-addresses-and-ports:3/0 \
src-address-list=allowed_users
add action=mark-connection chain=prerouting dst-address-type=!local \
in-interface=LocalKosloskiport5 new-connection-mark=WAN1_conn \
passthrough=yes per-connection-classifier=both-addresses-and-ports:3/0 \
src-address-list=allowed_users
add action=mark-connection chain=prerouting dst-address-type=!local \
in-interface=LocalBreakbillport4 new-connection-mark=WAN2_conn \
passthrough=yes per-connection-classifier=both-addresses-and-ports:3/1 \
src-address-list=allowed_users
add action=mark-connection chain=prerouting dst-address-type=!local \
in-interface=LocalKosloskiport5 new-connection-mark=WAN2_conn \
passthrough=yes per-connection-classifier=both-addresses-and-ports:3/1 \
src-address-list=allowed_users
add action=mark-connection chain=prerouting dst-address-type=!local \
in-interface=LocalBreakbillport4 new-connection-mark=WAN3_conn \
passthrough=yes per-connection-classifier=both-addresses-and-ports:3/2 \
src-address-list=allowed_users
add action=mark-connection chain=prerouting dst-address-type=!local \
in-interface=LocalKosloskiport5 new-connection-mark=WAN3_conn \
passthrough=yes per-connection-classifier=both-addresses-and-ports:3/2 \
src-address-list=allowed_users
add action=mark-connection chain=prerouting disabled=yes dst-address-type=\
!local in-interface=LocalBreakbillport4 new-connection-mark=WAN4_conn \
passthrough=yes per-connection-classifier=both-addresses-and-ports:4/3 \
src-address-list=allowed_users
add action=mark-connection chain=prerouting disabled=yes dst-address-type=\
!local in-interface=LocalKosloskiport5 new-connection-mark=WAN4_conn \
passthrough=yes per-connection-classifier=both-addresses-and-ports:4/3 \
src-address-list=allowed_users
add action=mark-routing chain=prerouting connection-mark=WAN1_conn \
in-interface=LocalBreakbillport4 new-routing-mark=to_WAN1
add action=mark-routing chain=prerouting connection-mark=WAN1_conn \
in-interface=LocalKosloskiport5 new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN1_conn \
in-interface=LocalKosloskiport5 new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2_conn \
in-interface=LocalBreakbillport4 new-routing-mark=to_WAN2
add action=mark-routing chain=prerouting connection-mark=WAN2_conn \
in-interface=LocalKosloskiport5 new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN3_conn \
in-interface=LocalBreakbillport4 new-routing-mark=to_WAN3
add action=mark-routing chain=prerouting connection-mark=WAN3_conn \
in-interface=LocalKosloskiport5 new-routing-mark=to_WAN3 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN4_conn disabled=\
yes in-interface=LocalBreakbillport4 new-routing-mark=to_WAN4 \
passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN4_conn disabled=\
yes in-interface=LocalKosloskiport5 new-routing-mark=to_WAN4 passthrough=\
yes
/ip firewall nat
add action=src-nat chain=srcnat disabled=yes src-address=192.168.89.2 \
to-addresses=216.215.19.191
add action=dst-nat chain=dstnat disabled=yes dst-address=216.215.19.191 \
to-addresses=192.168.89.2
add action=masquerade chain=srcnat out-interface=WAN1 src-address-list=\
allowed_users
add action=masquerade chain=srcnat out-interface=WAN2 src-address-list=\
allowed_users
add action=masquerade chain=srcnat out-interface=WAN3 src-address-list=\
allowed_users
add action=masquerade chain=srcnat disabled=yes out-interface=*6 \
src-address-list=allowed_users
/ip route
add check-gateway=ping distance=1 gateway=216.215.19.161 routing-mark=1to1
add check-gateway=ping distance=1 gateway=10.1.4.1 routing-mark=to_WAN1
add check-gateway=ping distance=1 gateway=10.1.4.33 routing-mark=to_WAN2
add check-gateway=ping distance=1 gateway=216.215.19.161 routing-mark=to_WAN3
add check-gateway=ping distance=1 gateway=10.1.4.97 routing-mark=to_WAN4
add check-gateway=ping distance=1 gateway=216.215.19.161
add check-gateway=ping distance=2 gateway=10.1.4.33
add check-gateway=ping distance=3 gateway=10.1.4.1
add check-gateway=ping distance=4 gateway=10.1.4.97
add comment="Default Route For Un-Marked Traffic" disabled=yes distance=3 \
gateway=216.215.19.161
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=LocalBreakbillport4 type=internal
add interface=LocalKosloskiport5 type=internal
add interface=WAN1 type=external
/system clock
set time-zone-name=America/Los_Angeles
/system identity
set name=MerleTest
/system leds
add leds="" type=interface-activity
/system resource irq rps
set WAN1 disabled=no
set WAN2 disabled=no
set WAN3 disabled=no
set LocalBreakbillport4 disabled=no
set LocalKosloskiport5 disabled=no
/system routerboard settings
set auto-upgrade=yes silent-boot=no

Who is online

Users browsing this forum: Frostbyte, Kindis, TurboCow and 36 guests