I need to redirect traffic from one VLAN to another gateway. And everything else through the first gate.
I have two Internet providers:
- WAN1 - main provider for all (and same provider for incoming traffic: WWW, SSH, FTP )
- WAN2 - a dedicated provider for a group of people on a VLAN-20
I saw examples on the forum, but they are probably for OS 6.x, unfortunately I did not find any for OS 7.6
Code: Select all
# RouterOS 7.6
# software id = CT6S-01WD
#
# model = RB3011UiAS
# serial number = ***
/ip firewall mangle
add action=mark-connection chain=prerouting comment="From VLAN20 to WAN2" connection-mark=no-mark \
in-interface=VLAN-20 log-prefix="MARK CONNECTION" new-connection-mark=fromV20 passthrough=yes
add action=mark-routing chain=prerouting comment=viaWAN2 connection-mark=fromV20 \
in-interface=VLAN-20 log-prefix="MARK ROUTING" new-routing-mark=tableWAN2 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN-1-PPPoE
add action=masquerade chain=srcnat out-interface=WAN-2-ether5
/ip route
add distance=1 dst-address=0.0.0.0/0 gateway=192.168.10.1 pref-src="" routing-table=main scope=40 suppress-hw-offload=no target-scope=20 vrf-interface=WAN-2-ether5 check-gateway=arp comment="WAN2"
add distance=1 dst-address=0.0.0.0/0 gateway=172.16.20.1 pref-src="" routing-table=main scope=40 suppress-hw-offload=no target-scope=20 vrf-interface=WAN-1-PPPoE check-gateway=arp comment="WAN1"
/routing table
add fib name=tableWAN2
/routing rule
#add action=lookup-only-in-table routing-mark=main table=main disabled=yes
add action=lookup-only-in-table routing-mark=tableWAN2 table=tableWAN2
