Scribd
Upload
77 views

Mikrotik Balanceo Wan

This document contains the configuration of a MikroTik router. It has 3 WAN connections and a local network with DHCP and NAT services. Traffic is classified and routed across the different WAN links using connection and routing marks set in the firewall mangle rules. Remote administration is enabled on port 8391.

Uploaded by

León Correa
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
77 views

Mikrotik Balanceo Wan

This document contains the configuration of a MikroTik router. It has 3 WAN connections and a local network with DHCP and NAT services. Traffic is classified and routed across the different WAN links using connection and routing marks set in the firewall mangle rules. Remote administration is enabled on port 8391.

Uploaded by

León Correa
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 7

# mar/11/2020 17:02:46 by RouterOS 6.46.

# software id = PDDP-N8QD

# model = RB760iGS

# serial number = AE370A08C7AD

/interface bridge

add name=LAN1

/interface ethernet

set [ find default-name=ether1 ] name="wan1"

set [ find default-name=ether2 ] name="wan2"

/ip dhcp-server

add add-arp=yes address-pool="Red Local" disabled=no interface=LAN1 name=\

"Red Local"

/queue type

add kind=pcq name=Upload pcq-classifier=src-address pcq-dst-address6-mask=64 \

pcq-rate=5120k pcq-src-address6-mask=64

add kind=pcq name=Download pcq-classifier=dst-address pcq-dst-address6-mask=\

64 pcq-rate=5120k pcq-src-address6-mask=64

/queue simple

add max-limit=10M/10M name="Red Local" queue=Upload/Download target=LAN1

/interface bridge port

add bridge=LAN1 interface=ether3

/ip address

add address=192.168.15.1/24 interface=LAN1 network=192.168.15.0

add address=190.0.58.222/24 interface="wan1" network=190.0.58.220

add address=180.0.58.222/24 interface="wan2" network=180.0.58.220

/ip dhcp-server network

add address=192.168.15.0/24 dns-server=192.168.15.1 gateway=192.168.15.1 netmask=24


/ip dns

set allow-remote-requests=yes servers=8.8.8.8

/ip firewall nat

add action=masquerade chain=srcnat out-interface="wan1"

add action=masquerade chain=srcnat out-interface="wan2"

/ip route

add check-gateway=ping distance=1 gateway=181.143.7.202 routing-mark=to_wan1

add check-gateway=ping distance=2 gateway=172.217.30.196 routing-mark=to_wan1

add check-gateway=ping distance=1 gateway=172.217.30.196 routing-mark=to_wan2

add check-gateway=ping distance=2 gateway=181.143.7.202 routing-mark=to_wan2

add distance=1 gateway=190.0.58.221

add distance=2 gateway=180.0.58.221

add distance=1 dst-address=13.227.27.226/32 gateway=180.0.58.221 scope=10

add distance=1 dst-address=172.217.30.196/32 gateway=190.0.58.221 scope=10

/ip service

set telnet disabled=yes

set ftp disabled=yes

set www disabled=yes

set ssh disabled=yes

set api disabled=yes

set winbox port=8391

set api-ssl disabled=yes

/system clock

set time-zone-name=America/Bogota

/tool bandwidth-server

set enabled=no
# mar/11/2020 17:02:46 by RouterOS 6.46.3

# software id = PDDP-N8QD

# model = RB760iGS

# serial number = AE370A08C7AD

/interface bridge

add name=LAN1

/interface ethernet

set [ find default-name=ether1 ] name="WAN1 Tigo"

set [ find default-name=ether2 ] name="WAN2 claro"

set [ find default-name=ether3 ] name="WAN3 Movistar"

/interface l2tp-client

add connect-to=181.143.7.202 disabled=no ipsec-secret=abcd1234 name=l2tp-out1 \

password=Worknet2150 use-ipsec=yes user=Balanced3

/interface wireless security-profiles

set [ find default=yes ] supplicant-identity=MikroTik

/ip hotspot profile


set [ find default=yes ] html-directory=flash/hotspot

/ip pool

add name="Red Local" ranges=10.53.0.2-10.53.0.254

/ip dhcp-server

add add-arp=yes address-pool="Red Local" disabled=no interface=LAN1 name=\

"Red Local"

/queue type

add kind=pcq name=Upload pcq-classifier=src-address pcq-dst-address6-mask=64 \

pcq-rate=5120k pcq-src-address6-mask=64

add kind=pcq name=Download pcq-classifier=dst-address pcq-dst-address6-mask=\

64 pcq-rate=5120k pcq-src-address6-mask=64

/queue simple

add max-limit=10M/10M name="Red Local" queue=Upload/Download target=LAN1

/interface bridge port

add bridge=LAN1 interface=ether4

add bridge=LAN1 interface=ether5

/ip address

add address=10.53.0.1/24 interface=LAN1 network=10.53.0.0

add address=192.168.1.10/24 interface="WAN1 Tigo" network=192.168.1.0

add address=192.168.2.10/24 interface="WAN2 claro" network=192.168.2.0

add address=192.168.3.10/24 interface="WAN3 Movistar" network=192.168.3.0

/ip dhcp-server lease

add address=10.53.0.253 client-id=1:18:e8:29:9c:a4:9a mac-address=\

18:E8:29:9C:A4:9A server="Red Local"

/ip dhcp-server network

add address=10.53.0.0/24 dns-server=10.53.0.1 gateway=10.53.0.1 netmask=24

/ip dns

set allow-remote-requests=yes servers=192.168.125.1,192.168.2.1,192.168.3.1

/ip firewall mangle


add action=mark-connection chain=prerouting comment="VPN Internet" \

new-connection-mark=VPN passthrough=yes src-address=10.53.0.0/24

add action=accept chain=prerouting src-address=10.53.0.0/24

add action=mark-connection chain=input in-interface="WAN1 Tigo" \

new-connection-mark=wan1_conn

add action=mark-connection chain=input in-interface="WAN2 claro" \

new-connection-mark=wan2_conn

add action=mark-connection chain=input in-interface="WAN3 Movistar" \

new-connection-mark=wan3_conn

add action=mark-routing chain=output connection-mark=wan1_conn \

new-routing-mark=to_wan1

add action=mark-routing chain=output connection-mark=wan2_conn \

new-routing-mark=to_wan2

add action=mark-routing chain=output connection-mark=wan3_conn \

new-routing-mark=to_wan3

add action=accept chain=prerouting dst-address=192.168.1.0/24 in-interface=\

LAN1

add action=accept chain=prerouting dst-address=192.168.2.0/24 in-interface=\

LAN1

add action=accept chain=prerouting dst-address=192.168.3.0/24 in-interface=\

LAN1

add action=mark-connection chain=prerouting dst-address-type=!local \

in-interface=LAN1 new-connection-mark=wan1_conn passthrough=yes \

per-connection-classifier=both-addresses:3/0

add action=mark-connection chain=prerouting dst-address-type=!local \

in-interface=LAN1 new-connection-mark=wan2_conn passthrough=yes \

per-connection-classifier=both-addresses:3/1

add action=mark-connection chain=prerouting dst-address-type=!local \

in-interface=LAN1 new-connection-mark=wan3_conn passthrough=yes \


per-connection-classifier=both-addresses:3/2

add action=mark-routing chain=prerouting connection-mark=wan1_conn \

in-interface=LAN1 new-routing-mark=to_wan1

add action=mark-routing chain=prerouting connection-mark=wan2_conn \

in-interface=LAN1 new-routing-mark=to_wan2

add action=mark-routing chain=prerouting connection-mark=wan3_conn \

in-interface=LAN1 new-routing-mark=to_wan3

/ip firewall nat

add action=masquerade chain=srcnat out-interface="WAN1 Tigo"

add action=masquerade chain=srcnat out-interface="WAN2 claro"

add action=masquerade chain=srcnat out-interface="WAN3 Movistar"

/ip route

add check-gateway=ping distance=1 gateway=181.143.7.202 routing-mark=to_wan1

add check-gateway=ping distance=2 gateway=172.217.30.196 routing-mark=to_wan1

add check-gateway=ping distance=3 gateway=13.227.27.226 routing-mark=to_wan1

add check-gateway=ping distance=1 gateway=172.217.30.196 routing-mark=to_wan2

add check-gateway=ping distance=2 gateway=181.143.7.202 routing-mark=to_wan2

add check-gateway=ping distance=3 gateway=13.227.27.226 routing-mark=to_wan2

add check-gateway=ping distance=1 gateway=13.227.27.226 routing-mark=to_wan3

add check-gateway=ping distance=2 gateway=172.217.30.196 routing-mark=to_wan3

add check-gateway=ping distance=3 gateway=181.143.7.202 routing-mark=to_wan3

add distance=1 gateway=192.168.2.1

add distance=1 gateway=192.168.3.1

add distance=1 gateway=192.168.1.1

add distance=1 dst-address=13.227.27.226/32 gateway=192.168.3.1 scope=10

add distance=1 dst-address=172.217.30.196/32 gateway=192.168.2.1 scope=10

add distance=1 dst-address=181.143.7.202/32 gateway=192.168.1.1 scope=10

add comment=VPN distance=1 dst-address=192.168.20.0/24 gateway=10.255.255.5

/ip service
set telnet disabled=yes

set ftp disabled=yes

set www disabled=yes

set ssh disabled=yes

set api disabled=yes

set winbox port=8391

set api-ssl disabled=yes

/system clock

set time-zone-name=America/Bogota

/tool bandwidth-server

set enabled=no

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy