Hi all,
i have a mikrotik with subnet 192.168.1.0/26
i have an internet ISP1 at 192.168.1.2 and another internet ISP2 via pptp at 192.168.0.2
at ip route i have setup gateway to ISP1
The thing that i want to do is one of my pc's (191.168.1.9) to use only as internet gateway ISP2.
How could it be done?
Thanks in advance
Re: Routing Pc to certain Gateway Question
Add another route for 0.0.0.0/0 using gateway 192.168.0.2 and Routing Mark = ISP2. Then add a IP Firewall Mangle rule in preroute chain for src 192.168.1.9 and dst !192.168.1.0/24 with action Mark Route = ISP2.
Like this:
Like this:
Code: Select all
/ip route
add distance=1 gateway=192.168.0.2 routing-mark=ISP2
/ip firewall mangle
add action=mark-routing chain=prerouting dst-address=\
!192.168.1.0/24 new-routing-mark=ISP2 passthrough=yes src-address=\
192.168.1.9Re: Routing Pc to certain Gateway Question
Thank you very much!!!!
It worked 100%
It worked 100%
Re: Routing Pc to certain Gateway Question
It worked for a few minutes and then i get ISP2 internet ip but all traffic goes from ISP1....why is this happening?
Re: Routing Pc to certain Gateway Question
You probably have fasttrack enabled which bypasses mangle.
Take a look at this thread:
http://forum.mikrotik.com/viewtopic.php?f=3&t=112235
Take a look at this thread:
http://forum.mikrotik.com/viewtopic.php?f=3&t=112235
Re: Routing Pc to certain Gateway Question
see this old post, it may help you
http://forum.mikrotik.com/viewtopic.php?t=26342
Your problem may be the way you set up the default route for your PPtP, and how you associate it to your routing mark.
http://forum.mikrotik.com/viewtopic.php?t=26342
Your problem may be the way you set up the default route for your PPtP, and how you associate it to your routing mark.
Re: Routing Pc to certain Gateway Question
I have a route from ISP1 which is my VDSL router with distance 1 and i set up a route from my pptp client which comes my ISP2 with distance 1 again but with routing mark.
even if i change ISP1 distance to 2 and keep ISP2 distance 1 it works again for some minutes and then it happens again the same....i get ip from ISP2 but all traffic goes out from ISP1.
I readed both post but couldnt help me.
even if i change ISP1 distance to 2 and keep ISP2 distance 1 it works again for some minutes and then it happens again the same....i get ip from ISP2 but all traffic goes out from ISP1.
I readed both post but couldnt help me.
Re: Routing Pc to certain Gateway Question
need more information.
show us your ip firewall mangle rules
show us your ip/routes
show us you ip firewall NAT rules
show us your ip firewall mangle rules
show us your ip/routes
show us you ip firewall NAT rules
Re: Routing Pc to certain Gateway Question
ip>firewall MANGLE
ip>firewall NAT
Internet from ISP2 -> is pptp client
ip>routes
Code: Select all
chain=prerouting action=mark-routing new-routing-mark=ISP2 passthrough=yes
src-address=192.168.1.9 dst-address=!192.168.1.0/26 log=no log-prefix="" Code: Select all
0 chain=srcnat action=masquerade src-address=192.168.1.0/26
dst-address=!10.0.0.0/8 out-interface=ether1 log=no log-prefix=""
1 chain=srcnat action=masquerade src-address=192.168.1.0/26
dst-address=!10.0.0.0/8 out-interface=Internet from ISP2 log=no
log-prefix="" ip>routes
Code: Select all
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S 0.0.0.0/0 Internet from ISP2 1 routing mark=ISP2
1 A S 0.0.0.0/0 192.168.1.2 1
Re: Routing Pc to certain Gateway Question
lelos09:
No other mangle rules? If there are, is it possible that they are being triggered? The rule you show has passthrough=yes.
No other routes? How do you connect to ISP 1 and ISP 2? What type of service do you have with ISP 1 and ISP 2? Is it PPPoE? if it is PPPoE, is the Mtik handling the PPPoE client connection or do you have another router handling it? If you have another modem/router handling PPPoE, is in NATting?
No other mangle rules? If there are, is it possible that they are being triggered? The rule you show has passthrough=yes.
No other routes? How do you connect to ISP 1 and ISP 2? What type of service do you have with ISP 1 and ISP 2? Is it PPPoE? if it is PPPoE, is the Mtik handling the PPPoE client connection or do you have another router handling it? If you have another modem/router handling PPPoE, is in NATting?
Re: Routing Pc to certain Gateway Question
other mangle rule is
To ISP1 i connect via ether 1 which is my VDSL ROUTER which handle the PPPOE connection and nothing more.
To ISP2 i connect via wlan1 to my home over BGP and i get internet via PPTP server.
There are no other Nat,filter,mangle rules
Code: Select all
0 D chain=forward action=change-mss new-mss=1410 tcp-flags=syn protocol=tcp
out-interface=all-ppp tcp-mss=1411-65535
1 D chain=forward action=change-mss new-mss=1410 tcp-flags=syn protocol=tcp
in-interface=all-ppp tcp-mss=1411-65535To ISP2 i connect via wlan1 to my home over BGP and i get internet via PPTP server.
There are no other Nat,filter,mangle rules
Re: Routing Pc to certain Gateway Question
You are going to see the traffic going out out your ISP1 as that is your physical connection. Your ISP2, which is a Virtual connection, has to go out ISP1. This is normal, unless I am miss understanding!
Re: Routing Pc to certain Gateway Question
ISP2 comes via Wirelless connection not via vpn over ISP1.
Re: Routing Pc to certain Gateway Question
Your previous post wasn't showing when I made mine...
You should post a full export.
You should post a full export.
Code: Select all
/export hide-sensitiveRe: Routing Pc to certain Gateway Question
Code: Select all
# sep/21/2016 17:37:32 by RouterOS 6.36.3
# software id = 3BA9-F8AR
#
/interface pptp-server
/interface pptp-client
add connect-to=192.168.0.1 disabled=no mrru=1600 name="Internet ISP2" user=ISP2
/interface wireless security-profiles
set [ find default=yes ] group-ciphers="" unicast-ciphers=""
add authentication-types=wpa-psk,wpa2-psk eap-methods="" management-protection=allowed mode=dynamic-keys name=profile1 supplicant-identity=""
/interface wireless
set [ find default-name=wlan1 ] ampdu-priorities=0,1,2,3,4,5,6,7 band=5ghz-a/n basic-rates-a/g="" basic-rates-b="" channel-width=20/40mhz-Ce disabled=no \
frequency=5420 frequency-mode=superchannel hide-ssid=yes ht-basic-mcs=mcs-2,mcs-3,mcs-4,mcs-5,mcs-6 ht-supported-mcs=\
mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,mcs-16,mcs-17,mcs-18,mcs-19,mcs-20,mcs-21,mcs-22,mcs-23 mode=ap-bridge name=wlan2 nv2-cell-radius=10 rx-chains=0,1 \
security-profile=profile1 ssid=@@2@@ supported-rates-a/g="" supported-rates-b="" tx-chains=0,1 tx-power=22 tx-power-mode=all-rates-fixed \
wireless-protocol=nstreme
/interface wireless nstreme
set wlan2 enable-nstreme=yes framer-limit=4000 framer-policy=best-fit
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/ip pool
add name=pool1 ranges=192.168.1.10-192.168.1.60
/ip dhcp-server
add address-pool=pool1 disabled=no interface=ether1 name=server1
/queue interface
set ether1 queue=ethernet-default
set ether2 queue=ethernet-default
set ether3 queue=ethernet-default
/routing bgp instance
set default as=22 router-id=192.168.0.1
/system logging action
set 0 memory-lines=100
set 1 disk-lines-per-file=100
/tool user-manager customer
set admin access=own-routers,own-users,own-profiles,own-limits,config-payment-gw time-zone=+00:00
/interface pptp-server server
set enabled=yes
/ip address
add address=192.168.1.1/26 interface=ether1 network=192.168.1.0
add address=192.168.1.254/29 interface=wlan1 network=192.168.1.248
/ip dhcp-server lease
add address=192.168.1.14 client-id=1:b8:27:eb:97:7b:c comment=RASPBERRY mac-address=B8:27:EB:97:7B:0C server=server1
/ip dhcp-server network
add address=192.168.1.0/26 dns-server=192.168.1.1 gateway=192.168.1.1
/ip dns
set allow-remote-requests=yes max-udp-packet-size=512 servers=192.168.1.2
/ip firewall mangle
add action=mark-routing chain=prerouting dst-address=!192.168.0/26 new-routing-mark=ISP2 passthrough=yes src-address=192.168.1.9
/ip firewall nat
add action=masquerade chain=srcnat dst-address=!10.0.0.0/8 out-interface=ether1 src-address=192.168.1.0/26
add action=masquerade chain=srcnat dst-address=!10.0.0.0/8 out-interface="Internet ISP2" src-address=192.168.1.0/26
/ip route
add distance=1 gateway="Internet ISP2" routing-mark=ISP2
add distance=1 gateway=192.168.1.2
/ip service
set api disabled=yes
/routing bgp network
add network=192.168.1.0/24 synchronize=no
/routing bgp peer
add hold-time=30s keepalive-time=10s name=ISP2 remote-address=192.168.1.245 remote-as=23
/system clock
set time-zone-name=Europe/Athens
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set wlan1 disabled=yes display-time=5s
set wlan2 disabled=yes display-time=5s
set ether1 disabled=yes display-time=5s
set ether2 disabled=yes display-time=5s
set ether3 disabled=yes display-time=5s
set "Internet ISP2" disabled=yes display-time=5s
/system ntp client
set enabled=yes primary-ntp=194.177.210.54 secondary-ntp=212.18.3.19
/tool bandwidth-server
set authenticate=no max-sessions=10
/tool user-manager database
set db-path=user-manager1
Who is online
Users browsing this forum: thiefa and 44 guests