I wrote about this topic few years back, but forgot where it is now, So adding it again as Note to Self! This solution applies for following particular scenario.
Scenario:
We have 2 wan links configured with policy base routing. As we know that Mikrotik or any device can have only one default route active at a time. So if we will try to access mikrotik via wan2 link it will not work, because when request will arrive on wan2 link, and tries to return to its original requester, it will always route via WAN-1 link dueto default route. At this point remote client will receive packets with a source IP it didn’t initiate traffic with, so it reject that response.
Fair enough !
To sort we need to mark there connections, and make sure every packets should return via same route via which it came IN.
# Mirkotik IP Firewall Mangle Section / ip firewall mangle # Mark traffic coming via WAN-1 link add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_incoming_conn # Mark traffic coming via WAN-2 link add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_incoming_conn # Mark traffic routing mark for above marked connection for WAN-1 , so that mikrotik will return traffic via same interface it came in add chain=output connection-mark=WAN1_incoming_conn action=mark-routing new-routing-mark=to_WAN1 # Mark traffic routing mark for above marked connection for WAN-2, so that mikrotik will return traffic via same interface it came in add chain=output connection-mark=WAN2_incoming_conn action=mark-routing new-routing-mark=to_WAN2 # Finally Add appropriate routes in ROUTE section / ip route add dst-address=0.0.0.0/0 gateway=1.1.1.2 routing-mark=to_WAN1 check-gateway=ping add dst-address=0.0.0.0/0 gateway=2.2.2.2 routing-mark=to_WAN2 check-gateway=ping
For other scenario’s, you may want to look into prerouting !
Regard’s
Syed Jahanzaib
Syed Jahanzaib - Personal Blog to Share Knowledge ! 
bBy This approach, we can also use this in
2 LAN , 2 WAN , LAN-1 to WAN-1 & LAN-2 to WAN-2.
LikeLike
Comment by Server Secure — November 19, 2018 @ 3:24 PM
Hi,
I am facing some issue regarding MIkrotek router and DMA soft. I have added NAS on DMA soft radius, but after adding no packets are visible on radius status. However, when a reboot router it shows one time packet accepts but no PPPoE user are able to autheticate. Please guide me for this issue. Same router was used couple of months before on DMA same software and it was smootly running but now i am facing such issue.
Thanks
LikeLike
Comment by Shahbaz Inayat — November 22, 2018 @ 8:49 PM
AOA Jahanzaib Bhai linux server banwana hai with redious server and sharing portal server kitna cost ayega????
LikeLike
Comment by infosajidkhan — December 3, 2018 @ 11:12 AM
AOA sir 1 baat poochni thi ap se mein already Wateen se line lay k mikrotik m DHCP Server or PPPOE Server configure kar k chala raha hoo cable par to abh menay aik company se link liya hai wo company kehti hai k jo bhi client active karo wo direct humare pass connect hona chahiye means k mera client authenticate un k pass hoga or ips bhi wahin se lega to mera jo network chal raha hai kia is m possible hai k m mikrotik m koe setting kar du jis se m jis client ko chahiye direct 2nd company se connect karwa do or jis ko marzi apne hee jo wateen chal raha hai us se net day do
LikeLike
Comment by Jalil Abbas — January 8, 2019 @ 11:25 AM