Syed Jahanzaib – Personal Blog to Share Knowledge !

November 19, 2018

Mikrotik Remote Access via Multiple WAN Links

Filed under: Mikrotik Related — Syed Jahanzaib / Pinochio~:) @ 1:47 PM


I wrote about this topic a few years back, but forgot where it is now, so I am adding it again as a note to self! This solution applies to the following particular scenario.


Scenario:

We have 2 WAN links configured with policy-based routing. As we know, a Mikrotik (or any device) can have only one default route active at a time. So if we try to access the Mikrotik via the WAN2 link, it will not work: when a request arrives on the WAN2 link, the reply to the original requester will always be routed via the WAN-1 link due to the default route. At this point the remote client receives packets with a source IP it didn't initiate traffic with, so it rejects that response.

Fair enough!

To sort this out, we need to mark these connections and make sure every packet returns via the same route through which it came in.

# Mikrotik IP Firewall Mangle Section
/ ip firewall mangle
# Mark traffic coming via WAN-1 link
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_incoming_conn
# Mark traffic coming via WAN-2 link
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_incoming_conn

# Set the routing mark on connections marked above for WAN-1, so that the Mikrotik returns traffic via the same interface it came in on
add chain=output connection-mark=WAN1_incoming_conn action=mark-routing new-routing-mark=to_WAN1
# Set the routing mark on connections marked above for WAN-2, so that the Mikrotik returns traffic via the same interface it came in on
add chain=output connection-mark=WAN2_incoming_conn action=mark-routing new-routing-mark=to_WAN2

# Finally Add appropriate routes in ROUTE section
/ ip route
add dst-address=0.0.0.0/0 gateway=1.1.1.2 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=2.2.2.2 routing-mark=to_WAN2 check-gateway=ping

For other scenarios, you may want to look into prerouting!
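
The prerouting variant mentioned above, for connections that the router forwards to an inside host (for example a port forward) instead of answering itself. This is an added example, not part of the original post: the interface name LAN is an assumption, while the connection marks, routing marks and routes are the ones defined above.

```routeros
/ip firewall mangle
# Mark new connections by the WAN link they arrive on. Prerouting sees both
# traffic addressed to the router and traffic that will be forwarded, so
# these two rules can take the place of the chain=input rules.
add chain=prerouting in-interface=WAN1 connection-mark=no-mark action=mark-connection new-connection-mark=WAN1_incoming_conn passthrough=yes
add chain=prerouting in-interface=WAN2 connection-mark=no-mark action=mark-connection new-connection-mark=WAN2_incoming_conn passthrough=yes

# Replies from the inside host enter the router on the LAN interface
# (interface name assumed). Send them out via the link the connection used.
add chain=prerouting in-interface=LAN connection-mark=WAN1_incoming_conn action=mark-routing new-routing-mark=to_WAN1 passthrough=no
add chain=prerouting in-interface=LAN connection-mark=WAN2_incoming_conn action=mark-routing new-routing-mark=to_WAN2 passthrough=no

# Replies generated by the router itself never pass prerouting, so the
# chain=output rules are still needed for remote access to the router.
add chain=output connection-mark=WAN1_incoming_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_incoming_conn action=mark-routing new-routing-mark=to_WAN2

# Verify after connecting from outside via WAN2: the session should be
# listed with the WAN2 mark, and the rule counters should be increasing.
/ip firewall connection print where connection-mark=WAN2_incoming_conn
/ip firewall mangle print stats
```

The two default routes with routing-mark=to_WAN1 and routing-mark=to_WAN2 from the ROUTE section are used unchanged.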

Regards,
Syed Jahanzaib