MikroTik

Community discussions
https://forum.mikrotik.com/

Mark Local Traffic on Specific Route.

https://forum.mikrotik.com/viewtopic.php?t=105430

Page 1 of 1

Mark Local Traffic on Specific Route.

Posted: Thu Mar 03, 2016 9:00 am
by talha909
HI,

These are ips which are using by me. I am using RB 750 GL router board. I want to transfer my local IP to only access WAN2. Or WAN2 + WAN3. Please some one guide me in this matter.

192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local
192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1
192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2
192.168.3.2/24 network=192.168.3.0 broadcast=192.168.3.255 interface=WAN3

Re: Mark Local Traffic on Specific Route.

Posted: Thu Mar 03, 2016 3:22 pm
by Revelation
You can setup your src-nat to only allow the specific network you want routed out of the WAN interface. You can also setup routes for each network going out specific WAN interfaces.

Re: Mark Local Traffic on Specific Route.

Posted: Thu Mar 03, 2016 3:27 pm
by talha909
I am new. Can you plz create one nat for me.

Re: Mark Local Traffic on Specific Route.

Posted: Thu Mar 03, 2016 5:50 pm
by Revelation
I am new. Can you plz create one nat for me.
I'm not in front of my CCR so I cannot confirm the syntax on this. This should give you an idea, at least, of what you need to configure.
Code: Select all
/ip firewall nat 
 add chain=src-nat action=srcnat src-address=192.168.2.0/24 out-interface="WAN1"

For the WAN1 part you will need to input your physical interface.

Re: Mark Local Traffic on Specific Route.

Posted: Fri Mar 04, 2016 9:06 am
by talha909
Please check my firewall address list is correct.

/ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1 Internet.
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2 Internet
add address=192.168.3.2/24 network=192.168.3.0 broadcast=192.168.3.255 interface=WAN3 Internet

/ip firewall address-list
add address=192.168.0.239 disabled=no list=DSL1_USERS_LIST

/ip firewall mangle
add action=mark-routing chain=prerouting disabled=no new-routing-mark=wan1_user passthrough=no src-address-list=DSL1_USERS_LIST
add action=mark-routing chain=prerouting disabled=no new-routing-mark=wan2_user passthrough=no src-address-list=DSL2_USERS_LIST

/ip route
add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=192.168.2.2 routing-mark=wan1_user scope=30 target-scope=10
add disabled=no distance=3 dst-address=0.0.0.0/0 gateway=192.168.3.2 routing-mark=wan2_user scope=30 target-scope=10

/ip firewall nat
add action=masquerade chain=srcnat disabled=no src-address=192.168.0.0/24
All times are UTC+02:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/