Коллеги, здравствуйте. Два ISP, сервер внутри локальной сети, задача: заставить отвечать его с любого внешнего адреса. В конфигурации ниже он все время пытается ответить на пакет пришедший с ISP2 с активного маршрута в таблице main, т.е. ISP1 . Что я упустил? Код: /interface list add name=internet add name=local /interface list member add interface=ISP1 list=internet add interface=ISP2 list=internet add interface=lan-bridge list=local /ip firewall nat add action=dst-nat chain=dstnat comment="NAT for HTTP" dst-port=80 in-interface-list=internet ipsec-policy=in,none protocol=tcp to-addresses=192.168.22.55 to-ports=80 add action=dst-nat chain=dstnat comment="NAT for HTTPs" dst-port=443 in-interface-list=internet ipsec-policy=in,none protocol=tcp to-addresses=192.168.22.55 to-ports=443 add action=masquerade chain=srcnat ipsec-policy=out,none out-interface-list=internet /ip firewall mangle add action=mark-connection chain=input in-interface=ISP1 new-connection-mark=ISP1-conn passthrough=yes add action=mark-routing chain=output connection-mark=ISP1-conn new-routing-mark=ISP1-route passthrough=no add action=mark-connection chain=input in-interface=ISP2 new-connection-mark=ISP2-conn passthrough=yes add action=mark-routing chain=output connection-mark=ISP2-conn new-routing-mark=ISP2-route passthrough=no add action=mark-connection chain=forward in-interface=ISP1 new-connection-mark=ISP1-conn-f passthrough=no add action=mark-routing chain=prerouting connection-mark=ISP1-conn-f in-interface=lan-bridge new-routing-mark=ISP1-route add action=mark-connection chain=forward in-interface=ISP2 new-connection-mark=ISP2-conn-f passthrough=no add action=mark-routing chain=prerouting connection-mark=ISP2-conn-f in-interface=lan-bridge new-routing-mark=ISP2-route /ip route add distance=1 gateway=ISP1 routing-mark=ISP1-route add distance=1 gateway=ISP2 routing-mark=ISP2-route add comment=WAN distance=2 gateway=ISP1 add comment=WAN distance=3 gateway=ISP2
Вот вам заготовка на 2 WAN-а Код: /interface list add name=lst-WAN /interface list member add interface=ether1-WAN1 list=WAN add interface=ether2-WAN2 list=WAN /ip firewall mangle add action=mark-connection chain=prerouting connection-mark=no-mark \ in-interface=ether1-WAN1 new-connection-mark=con-WAN1 add action=mark-connection chain=prerouting connection-mark=no-mark \ in-interface=ether2-WAN2 new-connection-mark=con-WAN2 add action=mark-routing chain=prerouting connection-mark=con-WAN1 \ in-interface-list=!lst-WAN new-routing-mark=WAN1 add action=mark-routing chain=prerouting connection-mark=con-WAN2 \ in-interface-list=!lst-WAN new-routing-mark=WAN2 add action=mark-routing chain=output connection-mark=con-WAN1new-routing-mark=WAN1 add action=mark-routing chain=output connection-mark=con-WAN2 new-routing-mark=WAN2
