MikroTik

hi
i've commited a policy routing like described in wiki http://wiki.mikrotik.com/wiki/Policy_Ro ... erOS_2.9.x

every thing looks working good BUT
i CANT log in to router via second line

let say i have configuration like this
wan1 (default gateway) 192.168.10.10
wan2 (http pop3 etc) 192.168.20.10
lan1 10.0.0.10

when I connect to router via wan1 .. it's OK
but when I try to connect via wan2 packets which inintiate connection doesnt leave router the same interface from which they came. another words. router routes respons for my request from wan2 via default gateway (wan1) not via wan2 ... and that's why I can log in via wan2 connection

question: what to do with it ?

You have to mangle the packets coming in WAN2, then give them another view of the routing table thats for WAN2.

add chain=prerouting in-interface=l2tp-pip \
action=mark-connection \
new-connection-mark=in-pip-conn passthrough=yes \
comment="" disabled=yes
add chain=prerouting connection-mark=in-pip-conn \
action=mark-packet new-packet-mark=in-pip-packet \
passthrough=yes comment="" disabled=yes
add chain=prerouting packet-mark=in-pip-packet \
action=mark-routing new-routing-mark=out-pip \
passthrough=yes comment="" disabled=yes

Mark the connection, then mark the packets, then mark routing. Then, in your routing table, reproduce what you need for WAN2 (include connected routes as well) Add a route rule also (some versions need this, some don't):

/ ip route rule
add routing-mark=out-pip action=lookup table=out-pip \
comment="" disabled=no

Use routing-test package as well.

Sam

Use routing-test package as well.

Sam

Why ??

because i've never used standard routing package and dont know if policy routing and route-marking work the same as I know routing-test does.

Default gateway in MT just leave only one.

So in you situation you should cancel the default gateway.

Using the policy routing in you MT.