Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

WAN failover with VLANS on RouterOS 7

Post Reply
 
steamy
just joined
Topic Author
Posts: 20
Joined: Sat May 25, 2024 2:23 am

WAN failover with VLANS on RouterOS 7

Sat May 25, 2024 2:50 am

Hello! Probable Mikrotik convert here. I have this home/office setup working with another brand but it just isn't as reliable as I would like. I expect to need help because I keep coming across examples that are outdated where the first comment is something like, "forget discover and mactel, they are very old in approach." I intend to buy an RB5009 for this but I'd like to practice my config on an RB750gr3 that I already own first.

Dual WAN failover:
WAN0: fiber. This will have a local IP (192.168.1.100 or something) but the ISPs router has DMZ to this device, meaning all ports are forwarded.
WAN1: T-Mobile for failover only

VLANS:
vlan1 = 10.1.0.0: default VLAN, home devices like TVs and phones
vlan2 = 10.2.0.0: business VLAN. Tax prep, needs appropriate security. Only business related printers and PCs.
vlan3 = 10.3.0.0: Guest network

Router ports:
1: WAN0
2: WAN1
3: vlan1
4: vlan2
5: trunk (all vlans)

I need Wireguard listening on both WANs

DNS should be cloudflare or Google, not the ISP assigned.

I don't expect anyone to do this for me, obviously. I want to learn but I also really need to get this done. So if anyone wants to hit me with links or share any of a config that will help me along my journey, I'd appreciate it. :-)
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 22208
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: WAN failover with VLANS on RouterOS 7

Sat May 25, 2024 8:14 pm

All you have asked for seems doable, with not much work.
However, the wireguard listening on T-mobile is problematic.
It does not have a public IP and thus cannot be used with a normal wireguard setup.

What we can do is setup normal wireguard and once its working disable WAN1 and see if in the wireguard automatically switches to WAN2.........
In some case it may, just not sure in your setup.

IN anctipcaation of if not working the only thing to do is use a different wireguard interface and use Back to home VPN, which is available but experience setting it up is low so it is a good exercise.
Top
 
steamy
just joined
Topic Author
Posts: 20
Joined: Sat May 25, 2024 2:23 am

Re: WAN failover with VLANS on RouterOS 7

Sun May 26, 2024 1:28 am

I see. I can live without it working on T Mobile. My remote location will have Dynamic DNS with a public IP, so I was thinking a keepalive packet to that could allow me to establish a route?
That's the absolute least important part so I'll save that for last. Thank you for the input. I will be back!
Top
 
User avatar
broderick
Member Candidate
Member Candidate
Posts: 292
Joined: Mon Nov 30, 2020 7:44 pm

Re: WAN failover with VLANS on RouterOS 7

Mon May 27, 2024 12:31 am

I see. I can live without it working on T Mobile. My remote location will have Dynamic DNS with a public IP, so I was thinking a keepalive packet to that could allow me to establish a route?
That's the absolute least important part so I'll save that for last. Thank you for the input. I will be back!
Let us know when you have the setup. I'm interested in it. Thanks
Top
Post Reply
  4. RouterOS
  5. Beginner Basics