MikroTik PBR (Policy Based Routing) & Failover with 2 WAN

Post by: AL FURKAN
0 Comments
December 16, 2024

MikroTik PBR (Policy Based Routing) & Failover with 2 WAN

MikroTik Configuration:

/interface vlan

add interface=ether3 name=MGMT vlan-id=15

add interface=ether3 name=net1 vlan-id=100

add interface=ether3 name=net2 vlan-id=200

/interface wireless security-profiles

set [ find default=yes ] supplicant-identity=MikroTik

/ip pool

add name=dhcp_pool0 ranges=192.168.0.2-192.168.0.254

add name=dhcp_pool1 ranges=192.168.1.2-192.168.1.254

/ip dhcp-server

add address-pool=dhcp_pool0 disabled=no interface=net1 name=dhcp1

add address-pool=dhcp_pool1 disabled=no interface=net2 name=dhcp2

/ip address

add address=2.2.2.2/30 interface=ether1 network=2.2.2.0

add address=1.1.1.2/30 interface=ether2 network=1.1.1.0

add address=192.168.0.1/24 interface=net1 network=192.168.0.0

add address=192.168.1.1/24 interface=net2 network=192.168.1.0

add address=172.16.0.1/29 interface=MGMT network=172.16.0.0

/ip arp

add address=172.16.0.2 interface=MGMT mac-address=AA:BB:CC:80:70:00

/ip dhcp-client

add disabled=no interface=ether1

/ip dhcp-server network

add address=192.168.0.0/24 dns-server=8.8.8.8 gateway=192.168.0.1

add address=192.168.1.0/24 dns-server=8.8.8.8 gateway=192.168.1.1

/ip firewall address-list

add address=192.168.0.0/24 list=NET_1

add address=192.168.1.0/24 list=NET_2

add address=172.16.0.0/24 list=Local

/ip firewall mangle

add action=mark-routing chain=prerouting dst-address-list=!Local \

new-routing-mark=ISP_1 passthrough=yes src-address-list=NET_1

add action=mark-routing chain=prerouting dst-address-list=!Local \

new-routing-mark=ISP_2 passthrough=yes src-address-list=NET_2

/ip firewall nat

add action=masquerade chain=srcnat

/ip route

add distance=1 gateway=1.1.1.1 routing-mark=ISP_1

add distance=1 gateway=2.2.2.1 routing-mark=ISP_2

add distance=1 gateway=1.1.1.1

add distance=1 gateway=2.2.2.1

/system identity

set name=Local_Router

Cisco SW Configuration:

interface Ethernet0/0

description TO_Router

switchport trunk encapsulation dot1q

switchport mode trunk

duplex auto

end

interface Ethernet0/1

switchport access vlan 100

switchport mode access

duplex auto

end

interface Ethernet0/2

switchport access vlan 200

duplex auto

end

interface Vlan15

ip address 172.16.0.2 255.255.255.248

end

Post by: AL FURKAN
0 Comments
December 16, 2024

MikroTik PBR (Policy Based Routing) & Failover with 2 WAN

MikroTik Configuration:

/interface vlan

add interface=ether3 name=MGMT vlan-id=15

add interface=ether3 name=net1 vlan-id=100

add interface=ether3 name=net2 vlan-id=200

/interface wireless security-profiles

set [ find default=yes ] supplicant-identity=MikroTik

/ip pool

add name=dhcp_pool0 ranges=192.168.0.2-192.168.0.254

add name=dhcp_pool1 ranges=192.168.1.2-192.168.1.254

/ip dhcp-server

add address-pool=dhcp_pool0 disabled=no interface=net1 name=dhcp1

add address-pool=dhcp_pool1 disabled=no interface=net2 name=dhcp2

/ip address

add address=2.2.2.2/30 interface=ether1 network=2.2.2.0

add address=1.1.1.2/30 interface=ether2 network=1.1.1.0

add address=192.168.0.1/24 interface=net1 network=192.168.0.0

add address=192.168.1.1/24 interface=net2 network=192.168.1.0

add address=172.16.0.1/29 interface=MGMT network=172.16.0.0

/ip arp

add address=172.16.0.2 interface=MGMT mac-address=AA:BB:CC:80:70:00

/ip dhcp-client

add disabled=no interface=ether1

/ip dhcp-server network

add address=192.168.0.0/24 dns-server=8.8.8.8 gateway=192.168.0.1

add address=192.168.1.0/24 dns-server=8.8.8.8 gateway=192.168.1.1

/ip firewall address-list

add address=192.168.0.0/24 list=NET_1

add address=192.168.1.0/24 list=NET_2

add address=172.16.0.0/24 list=Local

/ip firewall mangle

add action=mark-routing chain=prerouting dst-address-list=!Local \

new-routing-mark=ISP_1 passthrough=yes src-address-list=NET_1

add action=mark-routing chain=prerouting dst-address-list=!Local \

new-routing-mark=ISP_2 passthrough=yes src-address-list=NET_2

/ip firewall nat

add action=masquerade chain=srcnat

/ip route

add distance=1 gateway=1.1.1.1 routing-mark=ISP_1

add distance=1 gateway=2.2.2.1 routing-mark=ISP_2

add distance=1 gateway=1.1.1.1

add distance=1 gateway=2.2.2.1

/system identity

set name=Local_Router

Cisco SW Configuration:

interface Ethernet0/0

description TO_Router

switchport trunk encapsulation dot1q

switchport mode trunk

duplex auto

end

interface Ethernet0/1

switchport access vlan 100

switchport mode access

duplex auto

end

interface Ethernet0/2

switchport access vlan 200

duplex auto

end

interface Vlan15

ip address 172.16.0.2 255.255.255.248

end

Al Furkan

MikroTik PBR (Policy Based Routing) & Failover with 2 WAN

No comments:

Post a Comment

Popular

Facebook

Subscribe Us

Tags

Tags Clouds

0 comments:

Post a Comment

Categories

0 comments:

Post a Comment

0 comments:

Post a Comment

MikroTik PBR (Policy Based Routing) & Failover with 2 WAN

0 comments:

Post a Comment

MikroTik PBR (Policy Based Routing) & Failover with 2 WAN

0 comments:

Post a Comment

Tags Clouds

Popular Posts

Pages