Friday, 1 November 2019

Membagi 2 ISP Pada Mikrotik

Berikut Perintahnya

/ip firewall address-list
add address=192.168.12.2-192.168.12.255 disabled=no list=ISP-1
add address=100.100.10.51-100.100.10.255 disabled=no list=ISP-1
add address=100.100.10.2-100.100.10.50 disabled=no list=ISP-2
add address=192.168.222.2-192.168.222.225 disabled=no list=ISP-1

 /ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface="eth2 ISP-1" \
    src-address-list=ISP-1 to-addresses=111.111.111.111
add action=masquerade chain=srcnat disabled=no out-interface="eth1 ISP-2" \
    src-address-list=ISP-2 to-addresses=222.222.222.222

 /ip firewall mangle
add action=mark-connection chain=input comment=ISP-1 disabled=no \
    in-interface="eth2 ISP-1" new-connection-mark=ISP-1_conn passthrough=\
    yes
add action=mark-routing chain=output connection-mark=ISP-1_conn disabled=no \
    new-routing-mark=ISP-1 passthrough=no
add action=mark-connection chain=prerouting disabled=no dst-address-list=\
    !ISP-1 dst-address-type=!local in-interface="eth4 LOCAL" \
    new-connection-mark=ISP-1_conn passthrough=yes
add action=mark-routing chain=prerouting connection-mark=ISP-1_conn \
    disabled=no dst-address-type="" in-interface="eth4 LOCAL" \
    new-routing-mark=ISP-1 passthrough=yes src-address-list=ISP-1
add action=mark-connection chain=input comment=ISP-2 disabled=no \
    in-interface="eth1 ISP-2" new-connection-mark=ISP-2_conn passthrough=\
    yes
add action=mark-routing chain=output connection-mark=ISP-2_conn disabled=no \
    new-routing-mark=ISP-2 passthrough=no
add action=mark-connection chain=prerouting disabled=no dst-address-list=\
    !ISP-2 dst-address-type=!local in-interface="eth4 LOCAL" \
    new-connection-mark=ISP-2_conn passthrough=yes
add action=mark-routing chain=prerouting connection-mark=ISP-2_conn \
    disabled=no in-interface="eth4 LOCAL" new-routing-mark=ISP-2 \
    passthrough=yes src-address-list=ISP-2
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    43.229.252.137 routing-mark=ISP-1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    192.168.1.1 routing-mark=ISP-2 scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=43.229.252.137 \
    scope=30 target-scope=10
add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=30 \
    target-scope=10
/ip route rule
add action=lookup disabled=no dst-address=100.100.10.0/24 table=main
add action=lookup disabled=no dst-address=192.168.12.0/24 table=main
add action=lookup disabled=no dst-address=43.229.252.136/29 table=main
add action=lookup disabled=no dst-address=192.168.1.0/24 table=main
add action=lookup disabled=no src-address=43.229.252.136/29 table=ISP-1
add action=lookup disabled=no src-address=192.168.1.0/24 table=ISP-2
add action=lookup disabled=no routing-mark=ISP-1 table=ISP-1
add action=lookup disabled=no routing-mark=ISP-2 table=ISP-2

at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)