Scribd Logo
Upload

Welcome to Scribd!

  • 43 views

    Mikrotik Firewall

    Uploaded by

    Layer3 Communication
    The document configures 15 WAN connections (WAN-1 through WAN-15) on an interface. It sets up masquerading, connection marking, routing marking, and routing for load balancing across the 15 WAN links.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    Mikrotik Firewall

    Uploaded by

    Layer3 Communication
    43 views5 pages
    The document configures 15 WAN connections (WAN-1 through WAN-15) on an interface. It sets up masquerading, connection marking, routing marking, and routing for load balancing across the 15 WAN links.

    Original Title

    Mikrotik-Firewall.docx

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document configures 15 WAN connections (WAN-1 through WAN-15) on an interface. It sets up masquerading, connection marking, routing marking, and routing for load balancing across the 15 WAN links.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    43 views5 pages

    Mikrotik Firewall

    Uploaded by

    Layer3 Communication
    The document configures 15 WAN connections (WAN-1 through WAN-15) on an interface. It sets up masquerading, connection marking, routing marking, and routing for load balancing across the 15 WAN links.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    You are on page 1of 5

    /interface pppoe-client

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-1 password=sajib


    user=sssajib1

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-2 password=sajib


    user=sssajib2

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-3 password=sajib


    user=sssajib3

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-4 password=sajib


    user=sssajib4

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-5 password=sajib


    user=sssajib5

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-6 password=sajib


    user=sssajib6

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-7 password=sajib


    user=sssajib7

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-8 password=sajib


    user=sssajib8

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-9 password=sajib


    user=sssajib9

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-10 password=sajib


    user=sssajib10

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-11 password=sajib


    user=sssajib11

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-12 password=sajib


    user=sssajib12

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-13 password=sajib


    user=sssajib13

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-14 password=sajib


    user=sssajib14

    add add-default-route=no disabled=no interface=sfp-sfpplus1 name=WAN-15 password=sajib


    user=sssajib15

    /ip firewall nat

    add action=masquerade chain=srcnat out-interface=WAN-1


    add action=masquerade chain=srcnat out-interface=WAN-2

    add action=masquerade chain=srcnat out-interface=WAN-3

    add action=masquerade chain=srcnat out-interface=WAN-4

    add action=masquerade chain=srcnat out-interface=WAN-5

    add action=masquerade chain=srcnat out-interface=WAN-6

    add action=masquerade chain=srcnat out-interface=WAN-7

    add action=masquerade chain=srcnat out-interface=WAN-8

    add action=masquerade chain=srcnat out-interface=WAN-9

    add action=masquerade chain=srcnat out-interface=WAN-10

    add action=masquerade chain=srcnat out-interface=WAN-11

    add action=masquerade chain=srcnat out-interface=WAN-12

    add action=masquerade chain=srcnat out-interface=WAN-13

    add action=masquerade chain=srcnat out-interface=WAN-14

    add action=masquerade chain=srcnat out-interface=WAN-15

    /ip firewall mangle

    add action=accept chain=prerouting in-interface=WAN-1

    add action=accept chain=prerouting in-interface=WAN-2

    add action=accept chain=prerouting in-interface=WAN-3

    add action=accept chain=prerouting in-interface=WAN-4

    add action=accept chain=prerouting in-interface=WAN-5

    add action=accept chain=prerouting in-interface=WAN-6

    add action=accept chain=prerouting in-interface=WAN-7

    add action=accept chain=prerouting in-interface=WAN-8

    add action=accept chain=prerouting in-interface=WAN-9

    add action=accept chain=prerouting in-interface=WAN-10

    add action=accept chain=prerouting in-interface=WAN-11

    add action=accept chain=prerouting in-interface=WAN-12

    add action=accept chain=prerouting in-interface=WAN-13


    add action=accept chain=prerouting in-interface=WAN-14

    add action=accept chain=prerouting in-interface=WAN-15

    add action=mark-connection chain=prerouting comment=ISP_Mark_Connection dst-address-type=!local


    new-connection-mark=ISP1_CON passthrough=yes per-connection-classifier=both-addresses-and-
    ports:6/0 src-address-type=""

    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-


    connection-mark=ISP2_CON passthrough=yes per-connection-classifier=both-addresses-and-ports:6/1
    src-address-type=""

    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-


    connection-mark=ISP3_CON passthrough=yes per-connection-classifier=both-addresses-and-ports:6/2
    src-address-type=""

    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-


    connection-mark=ISP4_CON passthrough=yes per-connection-classifier=both-addresses-and-ports:6/3
    src-address-type=""

    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-


    connection-mark=ISP5_CON passthrough=yes per-connection-classifier=both-addresses-and-ports:6/4
    src-address-type=""

    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-


    connection-mark=ISP6_CON passthrough=yes per-connection-classifier=both-addresses-and-ports:6/5
    src-address-type=""

    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-


    connection-mark=ISP7_CON passthrough=yes per-connection-classifier=both-addresses-and-ports:6/6
    src-address-type=""

    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-


    connection-mark=ISP8_CON passthrough=yes per-connection-classifier=both-addresses-and-ports:14/7
    src-address-type=""

    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-


    connection-mark=ISP9_CON passthrough=yes per-connection-classifier=both-addresses-and-ports:14/8
    src-address-type=""

    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-


    connection-mark=ISP10_CON passthrough=yes per-connection-classifier=both-addresses-and-ports:14/9
    src-address-type=""

    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-


    connection-mark=ISP11_CON passthrough=yes per-connection-classifier=both-addresses-and-
    ports:14/10 src-address-type=""
    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-
    connection-mark=ISP12_CON passthrough=yes per-connection-classifier=both-addresses-and-
    ports:14/11 src-address-type=""

    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-


    connection-mark=ISP13_CON passthrough=yes per-connection-classifier=both-addresses-and-
    ports:14/12 src-address-type=""

    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-


    connection-mark=ISP14_CON passthrough=yes per-connection-classifier=both-addresses-and-
    ports:14/13 src-address-type=""

    add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-


    connection-mark=ISP15_CON passthrough=yes per-connection-classifier=both-addresses-and-
    ports:14/14 src-address-type=""

    add action=mark-routing chain=prerouting connection-mark=ISP1_CON new-routing-mark=ISP1_Route


    passthrough=yes

    add action=mark-routing chain=prerouting connection-mark=ISP2_CON new-routing-mark=ISP2_Route


    passthrough=yes

    add action=mark-routing chain=prerouting connection-mark=ISP3_CON new-routing-mark=ISP3_Route


    passthrough=yes

    add action=mark-routing chain=prerouting connection-mark=ISP4_CON new-routing-mark=ISP4_Route


    passthrough=yes

    add action=mark-routing chain=prerouting connection-mark=ISP5_CON new-routing-mark=ISP5_Route


    passthrough=yes

    add action=mark-routing chain=prerouting connection-mark=ISP6_CON new-routing-mark=ISP6_Route


    passthrough=yes

    add action=mark-routing chain=prerouting connection-mark=ISP7_CON new-routing-mark=ISP7_Route


    passthrough=yes

    add action=mark-routing chain=prerouting connection-mark=ISP8_CON new-routing-mark=ISP8_Route


    passthrough=yes

    add action=mark-routing chain=prerouting connection-mark=ISP9_CON new-routing-mark=ISP9_Route


    passthrough=yes

    add action=mark-routing chain=prerouting connection-mark=ISP10_CON new-routing-


    mark=ISP10_Route passthrough=yes

    add action=mark-routing chain=prerouting connection-mark=ISP11_CON new-routing-


    mark=ISP11_Route passthrough=yes
    add action=mark-routing chain=prerouting connection-mark=ISP12_CON new-routing-
    mark=ISP12_Route passthrough=yes

    add action=mark-routing chain=prerouting connection-mark=ISP13_CON new-routing-


    mark=ISP13_Route passthrough=yes

    add action=mark-routing chain=prerouting connection-mark=ISP14_CON new-routing-


    mark=ISP14_Route passthrough=yes

    add action=mark-routing chain=prerouting connection-mark=ISP15_CON new-routing-


    mark=ISP15_Route passthrough=yes

    /ip route

    add check-gateway=ping distance=1 gateway=WAN-1 routing-mark=ISP1_Route

    add check-gateway=ping distance=1 gateway=WAN-2 routing-mark=ISP2_Route

    add check-gateway=ping distance=1 gateway=WAN-3 routing-mark=ISP3_Route

    add check-gateway=ping distance=1 gateway=WAN-4 routing-mark=ISP4_Route

    add check-gateway=ping distance=1 gateway=WAN-5 routing-mark=ISP5_Route

    add check-gateway=ping distance=1 gateway=WAN-6 routing-mark=ISP6_Route

    add check-gateway=ping distance=1 gateway=WAN-7 routing-mark=ISP7_Route

    add check-gateway=ping distance=1 gateway=WAN-8 routing-mark=ISP8_Route

    add check-gateway=ping distance=1 gateway=WAN-9 routing-mark=ISP9_Route

    add check-gateway=ping distance=1 gateway=WAN-10 routing-mark=ISP10_Route

    add check-gateway=ping distance=1 gateway=WAN-11 routing-mark=ISP11_Route

    add check-gateway=ping distance=1 gateway=WAN-12 routing-mark=ISP12_Route

    add check-gateway=ping distance=1 gateway=WAN-13 routing-mark=ISP13_Route

    add check-gateway=ping distance=1 gateway=WAN-14 routing-mark=ISP14_Route

    add check-gateway=ping distance=1 gateway=WAN-15 routing-mark=ISP15_Route

    add check-gateway=ping distance=1 gateway="WAN-1,WAN-2,WAN-3,WAN-4,WAN-5,WAN-6,WAN-


    7,WAN-8,WAN-9,WAN-10,WAN-11,WAN-12,WAN-13,WAN-14,WAN-15"

    You might also like