Hello,
I am having two WAN and one network LAN
ether1 (WAN 1) - 10.10.1.2 (Gateway: 10.10.1.1)
ether2 (WAN 2) - 10.10.2.2 (Gateway: 10.10.1.1)
ether3 (WAN 3) - 192.168.1.1
I am trying to make port forwarding in both WAN1 and WAN2 to 192.168.1.5... and here is the rule:
/ip firewall nat
add action=dst-nat chain=dstnat disabled=no dst-address=10.10.1.2 to-addresses=192.168.1.5
add action=dst-nat chain=dstnat disabled=no dst-address=10.10.2.2 to-addresses=192.168.1.5
add action=masquerade chain=srcnat disabled=no
When the route IP for the internet is: 10.10.1.1, the port forwarding for WAN 1 will work, and the WAN 2 will not work. Once I changed the default routing WAN 2, the WAN 2 will work and the first one will not work.
How I can make both be working whatever the default routing are.
Please give me the commands that I needs to make to make this working in both WAN .
Thanks
Re: NAT Port forwarding 2 WAN
You need to mark traffic. Your default route is simply default, and that means your router will route all traffic to outside via that route no matter what interface traffic came from. If you mark traffic that comes via WAN2r interface, and route it back via same WAN2 interface it will work 100%.
Re: NAT Port forwarding 2 WAN
Sorry for reply in this old post, but since that time I am looking for the solution as currently I returned the second wan on same Mikrotik router.
@blajah thanks for help, so do you mean that I need to mark it with mangle rule? can you help me more with that?
Thanks
@blajah thanks for help, so do you mean that I need to mark it with mangle rule? can you help me more with that?
Thanks
Re: NAT Port forwarding 2 WAN
Check https://wiki.mikrotik.com/wiki/Manual:PCC, it's mainly about load balancing, but it also has connection marking based on WAN and following route marking based on connection marks.
Re: NAT Port forwarding 2 WAN
Thanks @Sob for fast response, I have checked the link in wiki, Almost I read the rules, it is based on load balancing, which is not what I am looking for.
I am looking to point 192.168.1.5 for both wan, so port forwarding will work in both wan for the same local IP.
I am looking to point 192.168.1.5 for both wan, so port forwarding will work in both wan for the same local IP.
Re: NAT Port forwarding 2 WAN
Thanks @Sob.
This links gives me the idea and I have applied it, it is working very well, for those whose looking for same solution, it is like:
/ip firewall mangle
add action=mark-connection chain=prerouting dst-address=1.1.1.1 new-connection-mark=WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN1 new-routing-mark=FirstWAN passthrough=yes
add action=mark-connection chain=prerouting dst-address=2.2.2.2 new-connection-mark=WAN2 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2 new-routing-mark=SecondWAN passthrough=yes
1.1.1.1 and 2.2.2.2 is router ip for wan .
@blajah big thanks for you.
This links gives me the idea and I have applied it, it is working very well, for those whose looking for same solution, it is like:
/ip firewall mangle
add action=mark-connection chain=prerouting dst-address=1.1.1.1 new-connection-mark=WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN1 new-routing-mark=FirstWAN passthrough=yes
add action=mark-connection chain=prerouting dst-address=2.2.2.2 new-connection-mark=WAN2 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2 new-routing-mark=SecondWAN passthrough=yes
1.1.1.1 and 2.2.2.2 is router ip for wan .
@blajah big thanks for you.