WandererAlex
just joined
Topic Author
Posts: 1
Joined: Sun Mar 26, 2023 1:17 pm

Add secondary gateway to the same network

Sun Mar 26, 2023 1:44 pm

Hi all!

As the subject of the topic indicates, I am looking for a solution to add a new gateway to my network. Basically, I have one main router with one ISP (the model is RB4011iGS+5HacQ2HnD-IN) and I want to add another router to the network that can route the traffic via an LTE modem. I was thinking of getting the LTAP Mini LTE Kit, but currently I have a HAP AC^3 to evaluate the solution.

So what I did so far:
  1. Configured the main router with the default config. The router is configured as a gateway on port 192.168.88.1, routing all the traffic to the default ISP.
  2. Set up the HAP AC^3 to work as a bridge; the router accepts a static IP of 192.168.88.10. On the router I have installed an LTE modem that also has a connection to the Internet.
  3. On the main router I specified a new route record to route the traffic to DST address 0.0.0.0/0 and specified my gateway IP of 192.168.88.10. The main router indicates the route is reachable via the main bridge.
  4. Also on the secondary router I set up a small bridge just for testing and added one of the WiFi interfaces to it. So I can confirm that the router has Internet connectivity via LTE.
  5. For testing purposes I disable the ISP interface so that I can force the system to route the traffic via the secondary gateway.

At this point I'm able to ping the secondary router from the main network and access it via WinBox. It appears that I can also ping some IPs on the Internet. But the process of opening a webpage is painfully slow and most of the time results in a 'Connection Reset' error in the browser. At the same time pings can go well. One important finding (I guess it may be important) is that I'm using a Huawei WiFi dongle that on its own works as a gateway, sitting on IP 192.168.8.1. This IP can be opened fine when I connect directly from the secondary router (where this dongle is plugged in), but the page just fails to load if I do the same from the main network.

I understand that I may be missing some NAT rules (or firewall maybe) on either the main router or on the secondary one (or both). I also planned to keep both routers in the same network so that I can remotely connect via LTE to the main router and vice versa.

UPD: While experimenting with firewall rules I found that the issue seems to be related to the default firewall rule on the forward chain to drop invalid. But how come the forward requests to the secondary router come as 'invalid'?

Could you please guide me through? Or point to the direction of what I can read/research on my own?

Thanks in advance!
