Sorry for the double post, but it's easier for me this way
Currently we don't have the 2nd connection set-up, and the customers are all using our main connection.
We want
192.168.9.0/24 and
192.168.11.0/24 to be NAT-ed under the 2nd connection. (The ones in the diagram marked with NAT and PPPoE).
This is our Firewall -> Mangle setup
# sep/10/2007 00:08:12 by RouterOS 2.9.45
# software id = TUST-D0T
#
/ ip firewall mangle
add chain=forward action=mark-connection new-connection-mark=Internet passthrough=yes in-interface=internet \
comment="Transparent Proxy Traffic" disabled=no
add chain=prerouting action=mark-connection new-connection-mark=Internet passthrough=yes src-address-list=N-Zone \
comment="SRC N-Zone \(2\)" disabled=no
add chain=prerouting action=mark-connection new-connection-mark=Internet passthrough=yes dst-address-list=N-Zone \
comment="DST N-Zone \(2\)" disabled=no
add chain=prerouting action=mark-connection new-connection-mark=Extern passthrough=yes connection-mark=Internet \
src-address-list=N-Zone dst-address-list=!NExtern comment="SRC N-Zone -> DST Extern \(2\)" disabled=no
add chain=prerouting action=mark-connection new-connection-mark=Extern passthrough=yes connection-mark=Internet \
src-address-list=!NExtern dst-address-list=N-Zone comment="SRC Extern -> DST N-Zone \(2\)" disabled=no
add chain=prerouting action=mark-packet new-packet-mark=extern_trafic passthrough=no connection-mark=Extern comment="" \
disabled=no
add chain=output action=mark-packet new-packet-mark=extern_trafic passthrough=yes out-interface=lan comment="" disabled=no
We have this rather complex because we used to have
3 separate Queue Types (Different Speed Limits for
External Traffic - outside the country,
Metro Traffic - inside the country, and
Local Traffic - traffic done with other clients of our ISP)
Anyway, here is our Firewall > NAT:
# sep/10/2007 00:20:21 by RouterOS 2.9.45
# software id = TUST-D0T
#
/ ip firewall nat
add chain=dstnat action=redirect to-ports=3129 in-interface=!internet src-address=86.107.189.0/24 dst-port=80 protocol=tcp \
src-address-list=!NO_PROXY comment="Proxy Transparent Clienti - Clientii din lista NO_PROXY nu trec prin proxy \
\(limitari totale\)" disabled=no
add chain=srcnat action=masquerade src-address=192.168.9.0/24 comment="Masquerade PPPoE" disabled=no
add chain=srcnat action=masquerade src-address=192.168.110/24 comment="Masquerade NAT Customers" disabled=no
Here's our IP Addresses Setup:
# sep/10/2007 00:26:34 by RouterOS 2.9.45
# software id = TUST-D0T
#
/ ip address
add address=192.168.1.1/24 network=192.168.1.0 broadcast=192.168.1.255 interface=lan comment="Device-uri" disabled=no
add address=78.96.22.10/25 network=78.96.22.0 broadcast=78.96.22.127 interface=internet comment="Fibra UPC - 1st Connection" disabled=no
add address=86.107.189.1/24 network=86.107.189.0 broadcast=86.107.189.255 interface=lan comment="" disabled=no
add address=192.168.11.1/24 network=192.168.11.0 broadcast=192.168.11.255 interface=lan comment="NAT-ed Customers" \
disabled=no
add address=192.168.10.2/24 network=192.168.10.0 broadcast=192.168.10.255 interface=lan comment="2nd Connection" \
disabled=no
And this is the Ip -> Route export
# sep/10/2007 00:29:04 by RouterOS 2.9.45
# software id = TUST-D0T
#
/ ip route
add dst-address=0.0.0.0/0 gateway=78.96.22.1 pref-src=78.96.22.10 distance=1 scope=255 target-scope=10 comment="1st \
Connection" disabled=no
So... what are the exact steps we need to follow in order to have the 2nd connection working?
Thanks.