Hi,
Can someone please give an explanation how I can achive the following?
House A has an internet connection to provider X with Routerboard 1.
House B has an internet connection to provider Y with Routerboard 2.
I would like to have:
Routerboard 1 port 2 = provider X
Routerboard 1 port 3 = provider Y
Routerboard 2 port 2 = provider X
Routerboard 2 port 3 = provider Y
(the purpose is to access services that are only accessible when connected to the providers' network)
I guess I need to make a VPN between the two Routerboards, and than make 2 VLANs, and trunk the VLANs over the VPN link.
Is that correct?
But I want more details please...
Thanks!
Re: Connection between 2 houses
You won't need vlans to accomplish this.
Set up a vpn tunnel of your preference, add a /30 transport network to it and set appropriate routes for the remote subnets.
Make sure you add accept rules for the traffic from/to the other subnet to traverse.
Add a NAT rule to masquerade traffic from the other subnet out to WAN.
Add routes to the services you would like to re-route with gateway=<remote end of the transport subnet>.
Off you go.
-Chris
Set up a vpn tunnel of your preference, add a /30 transport network to it and set appropriate routes for the remote subnets.
Make sure you add accept rules for the traffic from/to the other subnet to traverse.
Add a NAT rule to masquerade traffic from the other subnet out to WAN.
Add routes to the services you would like to re-route with gateway=<remote end of the transport subnet>.
Off you go.
-Chris
Re: Connection between 2 houses
Unfortunately, I can't get this to work...and set appropriate routes for the remote subnets.
Site A has subnet 10.10.100.0/24, router at 10.10.100.254
Site B has subnet 10.10.200.0/24, router at 10.10.200.254
There is a working IPsec VPN link between them
Let's say I am on Site A, and I want to route traffic to 8.8.8.8 (example) via the ISP of Site B
So I would enter a static route:
Code: Select all
/ip route add dst-address=8.8.8.8 gateway=10.10.200.254 prf-src=10.10.100.254Who can help me please?
Thanks!
Re: Connection between 2 houses
You probably want to share details about that IPSec link, it sounds suspicious.
Re: Connection between 2 houses
Well, I'd say this is normal as routes should point to connected networks - and 10.10.200.0/24 is routed, not local.however, this gives an "unreachable" in Winbox ... and a tracert 8.8.8.8 on my PC still goes at directly to site A's ISP...Code: Select all/ip route add dst-address=8.8.8.8 gateway=10.10.200.254 prf-src=10.10.100.254
I'd suggest a GRE tunnel through IPsec to accomplish this.
And be sure you set up your masquerading rules on the remote side accordingly.
-Chris