Answer the question
In order to leave comments, you need to log in
D
D
Dmitry2015-01-09 01:28:39
Dmitry, 2015-01-09 01:28:39
How to forward a port on the second provider?
There are two providers, Mikrotik and a server in LAN. There is access to the router itself from both providers - mark connection is configured for input and mark routing for output with the corresponding routes in ip/routes. I'm trying to forward from the second (not the main) ISP using marking in the forward chain and mark routing in prerouting - it doesn't work. Guru, look, pzhlst, where I messed up.
YYYY - ip of primary ISP
XXXX - ip of backup ISP
Flags: X - disabled, I - invalid, D - dynamic
0 X chain=prerouting action=mark-routing new-routing-mark=to_vpn
passthrough=yes dst-address-list= viaSQ1 log=no log-prefix=""
1 X chain=prerouting action=mark-routing new-routing-mark=to_vpn
passthrough=yes dst-address-list=viaSQ2 log=no log-prefix=""
2 chain=forward action=mark-connection new-connection-mark=fromWC
passthrough=no dst-address=YYYY log=no log-prefix= ""
3 chain=prerouting action=mark-routing new-routing-mark=toWC passthrough=n>
connection-mark=fromWC log=no log-prefix=""
4 chain=forward action=mark-connection new-connection-mark =fromOb
passthrough=no dst-address=XXXX log=no log-prefix=""
5 chain=prerouting action=mark-routing new-routing-mark=toOb passthrough=n>
connection-mark=fromOb log=no log-prefix =""
6 chain=input action=mark-connection new-connection-mark=fromWC
passthrough=no dst-address=YYYY in-interface=ether7 log=no
log-prefix=""
7 chain=output action=mark-routing new-routing-mark=toWC passthrough=no
connection-mark=fromWC log=no log -prefix=""
8 chain=input action=mark-connection new-connection-mark=fromOb
passthrough=no dst-address=XXXX in-interface=ether6 log=no
log-prefix=""
9 chain=output action=mark -routing new-routing-mark=toOb passthrough=no
connection-mark=fromOb log=no log-prefix="
[admin mikrotik ] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 ;; ;RDP videoserver
chain=dstnat action=dst-nat to-addresses=10.0.2.2 to-ports=3389
protocol=tcp in-interface=ether7 dst-port=3389 log=no log-prefix=""
1 chain=dstnat action=dst- nat to-addresses=10.0.2.2 to-ports=3389
protocol=tcp in-interface=ether6 dst-port=3389 log=no log-prefix=""
2 ;;; Obit SNAT
chain=srcnat action=src-nat to-addresses=XXXX
out-interface=ether6 log=no log-prefix=""
3 ;;; WestCall SNAT
chain=srcnat action=src-nat to-addresses=YYYY
out-interface=ether7 log=no log-prefix=""
route chunk
0 AS dst-address=0.0.0.0/0 gateway=37.2XXX
gateway-status= 37.2XX
scope=30 target-scope=10 routing-mark=toOb
1 AS dst-address=0.0.0.0/0 gateway=84.5YYY
gateway-status=84.5YYY reachable via ether7 distance=5 scope=30
target-scope=10 routing- mark=toWC
2 AS dst-address=0.0.0.0/0 gateway=84.5YYY
gateway-status=84.5YYY reachable via ether7 check-gateway=ping
distance=10 scope=30 target-scope=10
1 answer(s)
@hempy80
C
Cool Admin, 2015-01-09 @hempy80
Forward what? If you need D-NAT on both providers, then only D-NAT needs to be configured, and you have already configured traffic flow through the required provider.
Mikrotik with Multiple WAN IP's and Port Forwarding
Similar questions
I
A
A
S
R
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question