The setup continued from basic setup. it will shows 2 WAN 1 LAN failover senario.
Port 1: 10.0.0.4 (ISP 1)
Port 5: 192.168.1.150 (ISP 2)
Port 2: NAT (for Inside users with DHCP)
The IP address is only for testing purpose, you can change your own IP address. I am going to change the WAN IP to a static address.
Please make sure the address. You don’t need to focus the gateway, and DNS servers now. However, you can check the IP address on the menu IP -> addresses.
I will use the port 5 for ISP 2, delete the ether5. for WAN side, the bridge is not required.
My DNS status, I will use Cisco’s OpenDNS service. You can use your favorite DNS service.
I assign the port 5 (ether 5) address as static IP not DHCP. You may carefully input address must have subnet indicator (/24 /subnet number). You can get the subnet number on google search with your IP address or contact ISP.
Now, I add IP-> Firewall-> NAT, new NAT Rule on ether5.
I fully don’t know about IPsec, however, I copied from original one.
Now, go to the IP-> Route List. You can check the gateway. I will use recursive DNS check method for failover. the picture shows already made it. follow screen shows what is inside.
DAC line cannot delete. I recommend deleting the other lines and remake them. This rule purpose adds a gateway for ISP 1.
I will use 8.8.8.8 google’s public DNS service. Distance and scope value need to check.
Add port 5 gateway with distance 2.
You can see final results. The blue line means not activated.
When you unplug the 10.0.0.1 network, it will switch the gateway to the 192.168.1.1 network. It took around 10 sec. also, when you put it back 10.0.0.1 network, it recovers to the main within 10 sec.
MAY
2019
About the Author: