Indice   FAQ  
Iscriviti  Login
Indice RouterOS RouterOS

Dubbio Balance pcc e VPN

Tutto su questo sistema operativo linux based - Configurazioni, dubbi, problematiche &....

Dubbio Balance pcc e VPN

Messaggioda abbio90 » lun 17 giu 2019, 22:58

Ciao a tutti...ho una RB con balance pcc in cui ho ISP1 wisp locale e ISP2 sim ho.mobile

ho impostato queste regole

/ip firewall nat
add action=masquerade chain=srcnat comment="Masquerade WAN" out-interface="ether5 WAN FLYNTER"
add action=masquerade chain=srcnat out-interface=lte1

/ip firewall mangle
add action=accept chain=prerouting dst-address=192.168.1.1 in-interface="BRIDGE LAN"
add action=accept chain=prerouting dst-address=192.168.159.1 in-interface="BRIDGE LAN"
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=lte1 new-connection-mark=ISP_ho \
passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface="ether5 WAN FLYNTER" \
new-connection-mark=ISP_fly passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local in-interface="BRIDGE LAN" \
new-connection-mark=ISP1_ho-conn passthrough=yes per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local in-interface="BRIDGE LAN" \
new-connection-mark=ISP2_fly-conn passthrough=yes per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=ISP1_ho-conn in-interface="BRIDGE LAN" new-routing-mark=\
to_ISP-ho passthrough=yes
add action=mark-routing chain=prerouting connection-mark=ISP2_fly-conn in-interface="BRIDGE LAN" new-routing-mark=\
to_ISP-fly passthrough=yes
add action=mark-routing chain=output connection-mark=ISP1_ho-conn new-routing-mark=to_ISP-ho passthrough=yes
add action=mark-routing chain=output connection-mark=ISP2_fly-conn new-routing-mark=to_ISP-fly passthrough=yes

/ip route
add check-gateway=ping distance=1 gateway=8.8.4.4 routing-mark=to_ISP-ho target-scope=30
add check-gateway=ping comment="WAN FLYNTER" distance=1 gateway=8.8.8.8 routing-mark=to_ISP-fly target-scope=30

add check-gateway=ping distance=1 gateway=8.8.4.4 target-scope=30
add check-gateway=ping distance=2 gateway=8.8.8.8 target-scope=30

add distance=1 dst-address=8.8.4.4/32 gateway=192.168.1.1
add distance=1 dst-address=8.8.8.8/32 gateway=192.168.159.1

pare che spesso esempio da pc portatile se lancio lo speed test rileva l'ip dell'isp2 e usa la banda dell'isp1
o viceversa..

inoltre a questo device c'è un vpn server che per farlo andare devo disabilitare ISP2 (LTE)
qualcuno sa aiutarmi?
Scopri https://foisfabio.it - Tutorial sul Network
Avatar utente
abbio90
Mikrotik-Pro 1° Liv
Mikrotik-Pro 1° Liv
 
Messaggi: 517
Iscritto il: lun 26 giu 2017, 19:11
Località: Oristano
Uso routerOS dalla Versione: v4.x
Certificazioni Mikrotik: MTCNA

Re: Dubbio Balance pcc e VPN

Messaggioda abbio90 » lun 17 giu 2019, 23:35

scusate, la parte mangle è questa..
riposto anche il rsto nel commento per comodita


/ip firewall mangle
add action=accept chain=prerouting dst-address=192.168.1.1 in-interface="BRIDGE LAN"
add action=accept chain=prerouting dst-address=192.168.159.1 in-interface="BRIDGE LAN"
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=lte1 new-connection-mark=ISP_ho-conn \
passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface="ether5 WAN FLYNTER" \
new-connection-mark=ISP_fly-conn passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local in-interface="BRIDGE LAN" \
new-connection-mark=ISP_ho-conn passthrough=yes per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local in-interface="BRIDGE LAN" \
new-connection-mark=ISP_fly-conn passthrough=yes per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=ISP_ho-conn in-interface="BRIDGE LAN" new-routing-mark=\
to_ISP-ho passthrough=yes
add action=mark-routing chain=prerouting connection-mark=ISP_fly-conn in-interface="BRIDGE LAN" new-routing-mark=\
to_ISP-fly passthrough=yes
add action=mark-routing chain=output connection-mark=ISP1_ho-conn new-routing-mark=to_ISP-ho passthrough=yes
add action=mark-routing chain=output connection-mark=ISP2_fly-conn new-routing-mark=to_ISP-fly passthrough=yes

/ip firewall nat
add action=masquerade chain=srcnat comment="Masquerade WAN" out-interface="ether5 WAN FLYNTER"
add action=masquerade chain=srcnat out-interface=lte1

/ip route
add check-gateway=ping distance=1 gateway=8.8.4.4 routing-mark=to_ISP-ho target-scope=30
add check-gateway=ping comment="WAN FLYNTER" distance=1 gateway=8.8.8.8 routing-mark=to_ISP-fly target-scope=30

add check-gateway=ping distance=1 gateway=8.8.4.4 target-scope=30
add check-gateway=ping distance=2 gateway=8.8.8.8 target-scope=30

add distance=1 dst-address=8.8.4.4/32 gateway=192.168.1.1
add distance=1 dst-address=8.8.8.8/32 gateway=192.168.159.1

pare che spesso esempio da pc portatile se lancio lo speed test rileva l'ip dell'isp2 e usa la banda dell'isp1
o viceversa..

inoltre a questo device c'è un vpn server che per farlo andare devo disabilitare ISP2 (LTE)
qualcuno sa aiutarmi?
Scopri https://foisfabio.it - Tutorial sul Network
Avatar utente
abbio90
Mikrotik-Pro 1° Liv
Mikrotik-Pro 1° Liv
 
Messaggi: 517
Iscritto il: lun 26 giu 2017, 19:11
Località: Oristano
Uso routerOS dalla Versione: v4.x
Certificazioni Mikrotik: MTCNA



Torna a RouterOS

Chi c’è in linea

Visitano il forum: Nessuno e 9 ospiti