Buenas,Export completo, please. No se ve como creas las vlans, ni la las interfaces. Quien es “WAN2”?
Por otro lado. ¿Te funcionan de manera alterna? Es decir, si apagas una, te funciona la otra y viceversa?
Saludos!
Nexo1 = VLAN20 sobre WAN1 = Ethernet1
Nexo2 = VLAN20 sobre WAN2 = Ethernet2
Si desconecto el cable de la primera, me enruta a internet por WAN3, que es el router 4G (default distance = 3)
La WAN2/Nexo2 no me levanta IP, por lo que la obvia como segundo camino de salida a Internet.
Código:
# feb/03/2022 21:38:34 by RouterOS 7.1.1
# software id = 90P7-FE6V
#
# model = RBD53iG-5HacD2HnD
# serial number = E7290E329005
/interface bridge
add admin-mac=2C:C8:1B:A0:AE:25 auto-mac=no name=bridge
/interface ethernet
set [ find default-name=ether3 ] name="4G ETHER3"
set [ find default-name=ether1 ] name=WAN1
set [ find default-name=ether2 ] name=WAN2
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX \
disabled=no distance=indoors frequency=auto installation=indoor mode=\
ap-bridge ssid="NEXO ALITER 2.4G" wireless-protocol=802.11
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=\
20/40/80mhz-Ceee country=spain disabled=no distance=indoors frequency=\
auto installation=indoor mode=ap-bridge ssid="NEXO ALITER 5G" \
wireless-protocol=802.11
/interface vlan
add interface=WAN1 name=NEXO1 vlan-id=20
add interface=WAN2 name=NEXO2 vlan-id=20
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface lte apn
set [ find default=yes ] ip-type=ipv4
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \
group-ciphers=tkip,aes-ccm mode=dynamic-keys supplicant-identity=MikroTik \
unicast-ciphers=tkip,aes-ccm
/ip pool
add name=dhcp ranges=192.168.0.20-192.168.0.180
/ip dhcp-server
add address-pool=dhcp interface=bridge lease-time=1d name=defconf
/routing bgp template
set default as=65530 disabled=no name=default output.network=bgp-networks
/routing ospf instance
add name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/interface bridge port
add bridge=bridge ingress-filtering=no interface=ether4
add bridge=bridge ingress-filtering=no interface=ether5
add bridge=bridge ingress-filtering=no interface=wlan1
add bridge=bridge ingress-filtering=no interface=wlan2
/ip neighbor discovery-settings
set discover-interface-list=LAN
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface list member
add interface=bridge list=LAN
add interface=NEXO1 list=WAN
add interface="4G ETHER3" list=WAN
add interface=NEXO2 list=WAN
/ip address
add address=192.168.0.1/24 comment=defconf interface=bridge network=\
192.168.0.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add interface=NEXO1
add default-route-distance=2 interface=NEXO2
add default-route-distance=3 interface="4G ETHER3"
/ip dhcp-server network
add address=192.168.0.0/24 comment=defconf dns-server=1.1.1.1 gateway=\
192.168.0.1 netmask=24
/ip dns
set allow-remote-requests=yes servers=1.1.1.1,1.1.1.3
/ip dns static
add address=192.168.0.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
"defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=accept chain=input comment=letsencrypt-challenge-TO-DELETE \
dst-port=443 protocol=tcp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
add action=masquerade chain=srcnat out-interface=WAN2
add action=dst-nat chain=dstnat dst-port=8006 in-interface-list=WAN log=yes \
protocol=tcp to-addresses=192.168.0.11 to-ports=8006
add action=dst-nat chain=dstnat dst-port=8006 in-interface-list=WAN log=yes \
protocol=udp to-addresses=192.168.0.11 to-ports=8006
add action=dst-nat chain=dstnat dst-port=80 in-interface-list=WAN protocol=\
tcp to-addresses=192.168.0.12 to-ports=80
add action=dst-nat chain=dstnat dst-port=587 in-interface=NEXO1 \
in-interface-list=WAN log=yes protocol=tcp to-addresses=192.168.0.11 \
to-ports=587
add action=dst-nat chain=dstnat dst-port=81 in-interface-list=WAN protocol=\
tcp to-addresses=192.168.0.196 to-ports=81
add action=dst-nat chain=dstnat dst-port=3390 in-interface-list=WAN log=yes \
protocol=tcp to-addresses=192.168.0.12 to-ports=3390
add action=dst-nat chain=dstnat dst-port=3390 in-interface-list=WAN log=yes \
protocol=udp to-addresses=192.168.0.12 to-ports=3390
add action=dst-nat chain=dstnat dst-port=3391 in-interface-list=WAN log=yes \
protocol=tcp to-addresses=192.168.0.13 to-ports=3391
add action=dst-nat chain=dstnat dst-port=3391 in-interface-list=WAN log=yes \
protocol=udp to-addresses=192.168.0.13 to-ports=3391
add action=dst-nat chain=dstnat dst-port=3392 in-interface-list=WAN log=yes \
protocol=tcp to-addresses=192.168.0.14 to-ports=3392
add action=dst-nat chain=dstnat dst-port=3392 in-interface-list=WAN log=yes \
protocol=udp to-addresses=192.168.0.14 to-ports=3392
add action=dst-nat chain=dstnat dst-port=6036 in-interface-list=WAN log=yes \
protocol=tcp to-addresses=192.168.0.196 to-ports=6036
add action=dst-nat chain=dstnat dst-port=6036 in-interface-list=WAN log=yes \
protocol=udp to-addresses=192.168.0.196 to-ports=6036
add action=dst-nat chain=dstnat dst-port=3306 in-interface-list=WAN log=yes \
protocol=tcp to-addresses=192.168.0.200 to-ports=3306
add action=dst-nat chain=dstnat dst-port=3306 in-interface-list=WAN log=yes \
protocol=udp to-addresses=192.168.0.200 to-ports=3306
add action=dst-nat chain=dstnat dst-port=5566 in-interface-list=WAN log=yes \
protocol=tcp to-addresses=192.168.0.200 to-ports=5566
add action=dst-nat chain=dstnat dst-port=5566 in-interface-list=WAN log=yes \
protocol=udp to-addresses=192.168.0.200 to-ports=5566
add action=dst-nat chain=dstnat dst-port=7850 in-interface-list=WAN log=yes \
protocol=tcp to-addresses=192.168.0.200 to-ports=7850
add action=dst-nat chain=dstnat dst-port=7850 in-interface-list=WAN log=yes \
protocol=udp to-addresses=192.168.0.200 to-ports=7850
add action=dst-nat chain=dstnat dst-port=1723 in-interface-list=WAN log=yes \
protocol=tcp to-addresses=192.168.0.250 to-ports=1723
add action=dst-nat chain=dstnat dst-port=1723 in-interface-list=WAN log=yes \
protocol=udp to-addresses=192.168.0.250 to-ports=1723
add action=dst-nat chain=dstnat dst-port=587 in-interface-list=WAN log=yes \
protocol=udp to-addresses=192.168.0.11 to-ports=587
add action=dst-nat chain=dstnat dst-port=1701 in-interface-list=WAN log=yes \
protocol=tcp to-addresses=192.168.0.250 to-ports=1701
add action=dst-nat chain=dstnat dst-port=1701 in-interface-list=WAN log=yes \
protocol=udp to-addresses=192.168.0.250 to-ports=1701
add action=dst-nat chain=dstnat dst-port=500 in-interface-list=WAN log=yes \
protocol=tcp to-addresses=192.168.0.250 to-ports=500
add action=dst-nat chain=dstnat dst-port=500 in-interface-list=WAN log=yes \
protocol=udp to-addresses=192.168.0.250 to-ports=500
add action=dst-nat chain=dstnat dst-port=4500 in-interface-list=WAN log=yes \
protocol=tcp to-addresses=192.168.0.250 to-ports=4500
add action=dst-nat chain=dstnat dst-port=4500 in-interface-list=WAN log=yes \
protocol=udp to-addresses=192.168.0.250 to-ports=4500
/ip service
set www-ssl certificate=letsencrypt-autogen_2022-02-01T19:44:53Z disabled=no
/system clock
set time-zone-name=Europe/Madrid
/system identity
set name=ALITER
/system leds
set 0 interface=wlan1 leds=led1,led2,led3,led4,led5 type=\
wireless-signal-strength
set 1 leds=poe-led type=poe-out
/system routerboard settings
set cpu-frequency=auto
/tool e-mail
set address=nexo.es from=Aliter port=587 user=mikrotik@nexo.es
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
Vuelvo a poner el export, sorry.
gracias!