hi there
i have 2 internet connection, One From PPPoE through interface-2 and the other on interface-5 From LTE Modem using DHCP Clint.
both of them have Static Public IP address Tied To its own interfaces.
i want to separate my users internet connection based on PCC and Address-List they are member of.
to do so, i wrote mangle rules and added Manual Routes.
but my Wifi Clients IP Range (CapsMan + HotSpot) on Specific Address-List, Connect Through Active WAN-1
while they are Considered To be Connect Through WAN-2.
here is My configuration Details:
mangle Rules:
i have 2 internet connection, One From PPPoE through interface-2 and the other on interface-5 From LTE Modem using DHCP Clint.
both of them have Static Public IP address Tied To its own interfaces.
i want to separate my users internet connection based on PCC and Address-List they are member of.
to do so, i wrote mangle rules and added Manual Routes.
but my Wifi Clients IP Range (CapsMan + HotSpot) on Specific Address-List, Connect Through Active WAN-1
while they are Considered To be Connect Through WAN-2.
here is My configuration Details:
mangle Rules:
Code:
/ip firewall mangleadd action=accept chain=prerouting dst-address-list=Connected \ src-address-list=Connectedadd action=mark-connection chain=prerouting connection-mark=no-mark \ connection-state=new in-interface="eth5[WAN1]" new-connection-mark=\ WAN1_conn passthrough=yesadd action=mark-connection chain=prerouting connection-mark=no-mark \ connection-state=new in-interface=WAN2-PPPoE new-connection-mark=\ WAN2_conn passthrough=yesadd action=mark-routing chain=output connection-mark=WAN2_conn \ new-routing-mark="WAN2[ISP2]" passthrough=yesadd action=mark-routing chain=output connection-mark=WAN1_conn \ new-routing-mark="WAN1[IPS1]" passthrough=yesadd action=mark-connection chain=prerouting connection-mark=no-mark \ connection-state=new dst-address-type=!local in-interface=bridge-LAN \ new-connection-mark=WAN2_conn passthrough=yes per-connection-classifier=\ src-address-and-port:2/0 src-address-list=WAN2-Listadd action=mark-connection chain=prerouting connection-mark=no-mark \ connection-state=new dst-address-type=!local in-interface=bridge-LAN \ new-connection-mark=WAN1_conn passthrough=yes \ per-connection-classifier=src-address-and-port:2/1 src-address-list=\ WAN1-Listadd action=mark-routing chain=prerouting connection-mark=WAN2_conn \ in-interface=bridge-LAN new-routing-mark="WAN2[ISP2]" passthrough=yes \ src-address-list=WAN2-Listadd action=mark-routing chain=prerouting connection-mark=WAN1_conn \ in-interface=bridge-LAN new-routing-mark="WAN1[IPS1]" passthrough=yes \ src-address-list=WAN1-List /ip firewall address-listadd address=192.168.2.17 list=WAN1-Listadd address=192.168.5.0/24 list=WAN2-Listadd address=192.168.30.100 list=Connectedadd address=192.168.10.0/24 list=Connectedadd address=192.168.20.0/24 list=Connectedadd address=192.168.40.0/24 list=Connectedadd address=192.168.50.0/24 list=Connectedadd address=192.168.110.0/24 list=Connected/ip routeadd disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.3.1 \ pref-src="" routing-table="WAN1[IPS1]" scope=30 suppress-hw-offload=\ no target-scope=10add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.3.1 \ pref-src="" routing-table=main scope=30 suppress-hw-offload=no \ target-scope=10add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=WAN2-PPPoE pref-src=\ "" routing-table=main scope=30 suppress-hw-offload=no target-scope=10add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=WAN2-PPPoE pref-src=\ "" routing-table="WAN2[ISP2]" scope=30 suppress-hw-offload=no \ target-scope=10Statistics: Posted by sipher — Sat Jun 01, 2024 12:00 pm
