HI,
These are ips which are using by me. I am using RB 750 GL router board. I want to transfer my local IP to only access WAN2. Or WAN2 + WAN3. Please some one guide me in this matter.
192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local
192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1
192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2
192.168.3.2/24 network=192.168.3.0 broadcast=192.168.3.255 interface=WAN3
-
-
Revelation
Member
- Posts: 336
- Joined:
Re: Mark Local Traffic on Specific Route.
You can setup your src-nat to only allow the specific network you want routed out of the WAN interface. You can also setup routes for each network going out specific WAN interfaces.
Re: Mark Local Traffic on Specific Route.
I am new. Can you plz create one nat for me.
-
-
Revelation
Member
- Posts: 336
- Joined:
Re: Mark Local Traffic on Specific Route.
I'm not in front of my CCR so I cannot confirm the syntax on this. This should give you an idea, at least, of what you need to configure.I am new. Can you plz create one nat for me.
Code: Select all
/ip firewall nat
add chain=src-nat action=srcnat src-address=192.168.2.0/24 out-interface="WAN1"For the WAN1 part you will need to input your physical interface.
Re: Mark Local Traffic on Specific Route.
Please check my firewall address list is correct.
/ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1 Internet.
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2 Internet
add address=192.168.3.2/24 network=192.168.3.0 broadcast=192.168.3.255 interface=WAN3 Internet
/ip firewall address-list
add address=192.168.0.239 disabled=no list=DSL1_USERS_LIST
/ip firewall mangle
add action=mark-routing chain=prerouting disabled=no new-routing-mark=wan1_user passthrough=no src-address-list=DSL1_USERS_LIST
add action=mark-routing chain=prerouting disabled=no new-routing-mark=wan2_user passthrough=no src-address-list=DSL2_USERS_LIST
/ip route
add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=192.168.2.2 routing-mark=wan1_user scope=30 target-scope=10
add disabled=no distance=3 dst-address=0.0.0.0/0 gateway=192.168.3.2 routing-mark=wan2_user scope=30 target-scope=10
/ip firewall nat
add action=masquerade chain=srcnat disabled=no src-address=192.168.0.0/24
/ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1 Internet.
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2 Internet
add address=192.168.3.2/24 network=192.168.3.0 broadcast=192.168.3.255 interface=WAN3 Internet
/ip firewall address-list
add address=192.168.0.239 disabled=no list=DSL1_USERS_LIST
/ip firewall mangle
add action=mark-routing chain=prerouting disabled=no new-routing-mark=wan1_user passthrough=no src-address-list=DSL1_USERS_LIST
add action=mark-routing chain=prerouting disabled=no new-routing-mark=wan2_user passthrough=no src-address-list=DSL2_USERS_LIST
/ip route
add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=192.168.2.2 routing-mark=wan1_user scope=30 target-scope=10
add disabled=no distance=3 dst-address=0.0.0.0/0 gateway=192.168.3.2 routing-mark=wan2_user scope=30 target-scope=10
/ip firewall nat
add action=masquerade chain=srcnat disabled=no src-address=192.168.0.0/24
Who is online
Users browsing this forum: No registered users and 11 guests