Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

Multiple ISP - Multiple subnets

Locked
 
tms
just joined
Topic Author
Posts: 16
Joined: Fri Jan 08, 2016 1:21 pm
Location: Siofok, Hungary
Contact:
Contact tms

Multiple ISP - Multiple subnets

Mon Apr 18, 2016 7:47 pm

Hi there,

I am not so newbie in Mikrotik, but I have a question now.

I did before to setup multiple ISPs to ONE subnet (loadbalance, failower) , and did one ISP to multiple subnets, but I do not know how to combine these two.

I have two ISPs and now I have to forward datas to two subnets, to an office and a guest network.

I did two bridges: one for office, one for guest. After I have added the two gateways to the address list. Pools and everything is OK, but what about the firewall? I have to add everything two times? And after do the mangle rules and routes?

What's very important: 30+30=60M bandwith... :)

Please, help me. I copy my setup here.
Code: Select all
[admin@RTR-LIDO] /ip address> print
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         INTERFACE                                
 0   192.168.1.254/24   192.168.1.0     bridge1-office                           
 1   192.168.111.254/24 192.168.111.0   bridge2-guest                            
 2   192.168.10.1/24    192.168.10.0    eth10-wan1                               
 3   192.168.20.1/24    192.168.20.0    eth9-wan2
Code: Select all
[admin@RTR-LIDO] /ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic 
 0    chain=input action=accept connection-state=new in-interface=bridge1-office 
      log=no log-prefix="" 

 1    chain=input action=accept connection-state=new in-interface=bridge2-guest 
      log=no log-prefix="" 

 2    chain=input action=accept connection-state=established log=no log-prefix=">

 3    chain=input action=accept connection-state=related log=no log-prefix="" 

 4    chain=input action=accept protocol=icmp log=no log-prefix="" 

 5    chain=input action=accept protocol=tcp in-interface=bridge1-office 
      dst-port=1723 log=no log-prefix="" 

 6    chain=input action=accept protocol=tcp in-interface=bridge2-guest 
      dst-port=1723 log=no log-prefix="" 

 7    chain=input action=drop log=no log-prefix="" 

 8    chain=forward action=accept src-address=192.168.1.0/24 
      in-interface=bridge1-office log=no log-prefix="" 

 9    chain=forward action=accept dst-address=192.168.1.0/24 
      out-interface=bridge1-office log=no log-prefix="" 

10    chain=forward action=accept src-address=192.168.111.0/24 
      in-interface=bridge2-guest log=no log-prefix="" 

11    chain=forward action=accept dst-address=192.168.111.0/24 
      out-interface=bridge2-guest log=no log-prefix="" 

12    chain=forward action=drop log=no log-prefix=""
Code: Select all
[admin@RTR-LIDO] /ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic 
 0    chain=input action=accept connection-state=new in-interface=bridge1-office 
      log=no log-prefix="" 

 1    chain=input action=accept connection-state=new in-interface=bridge2-guest 
      log=no log-prefix="" 

 2    chain=input action=accept connection-state=established log=no log-prefix=">

 3    chain=input action=accept connection-state=related log=no log-prefix="" 

 4    chain=input action=accept protocol=icmp log=no log-prefix="" 

 5    chain=input action=accept protocol=tcp in-interface=bridge1-office 
      dst-port=1723 log=no log-prefix="" 

 6    chain=input action=accept protocol=tcp in-interface=bridge2-guest 
      dst-port=1723 log=no log-prefix="" 

 7    chain=input action=drop log=no log-prefix="" 

 8    chain=forward action=accept src-address=192.168.1.0/24 
      in-interface=bridge1-office log=no log-prefix="" 

 9    chain=forward action=accept dst-address=192.168.1.0/24 
      out-interface=bridge1-office log=no log-prefix="" 

10    chain=forward action=accept src-address=192.168.111.0/24 
      in-interface=bridge2-guest log=no log-prefix="" 

11    chain=forward action=accept dst-address=192.168.111.0/24 
      out-interface=bridge2-guest log=no log-prefix="" 

12    chain=forward action=drop log=no log-prefix=""
Top
 
trangtrau
just joined
Posts: 7
Joined: Mon Feb 22, 2016 7:47 am

Re: Multiple ISP - Multiple subnets

Mon Apr 25, 2016 4:19 pm

https://www.youtube.com/watch?v=ThYBtmo_bcs

do follow this video. It suscees, but some website not properly because not support mutil ip
Top
 
tms
just joined
Topic Author
Posts: 16
Joined: Fri Jan 08, 2016 1:21 pm
Location: Siofok, Hungary
Contact:
Contact tms

Re: Multiple ISP - Multiple subnets

Sat Apr 30, 2016 7:31 pm

Thank You for your answer!

I did it, no problem to do the Mangle rules and routes, 30+30=60Mbps.
My problem is, that I have 2 subnets: 192.168.1.0 and 192.168.111.0.
I have to double every Mangle and Firewall Filter rules too?

Other question is... If I have multiWAN and my WAN1, the primary WAN is out, how to reach the router? I tried to disable WAN1, but after I cannot reach the router in WAN2. I have two DSL IPSs and using Mikrotik Cloud, made a script to force-update the Cloud DDNS IP in every minute, but can not reach the router.

Thank You all in advance!
Top
Locked
  4. RouterOS
  5. Beginner Basics