Forward specific traffic via WAN

phantomdj · March 19, 2024, 4:54pm

Hi. I have a RUTX50 that I’m trying to configure.
The main internet provider is via the SIM card.
I also have a “second” provider connected via cable on the WAN port.
On this provider I want to forward specific IP traffic only.
I created a static route like
Interface: LAN
Target: 172.20.120.100
IPv4-Netmask: 255.255.255.0
IPv4-Gateway: 192.168.2.2 (the IP that WAN port has received through DHCP from the “second” ISP)

It does not work, and I don’t know why…
I’m trying to forward outgoing traffic, not incoming.
In a previous cheap dual WAN router that I had, it was easy to specify even to which interface I wanted to route the traffic.
It must be something simple that I’m missing. I can’t believe that you cannot forward traffic to a WAN port conditionally…

AndzejJ · March 20, 2024, 9:11am

Hello,

Are you using LAN interface or WAN?

The target IP includes the host portion (.100), but subnet is /24. If you to route a single IP address, make sure to set netmask to 255.255.255.255.

Is that 192.168.2.2 IP address of the RUT or your other router? Make sure you put the IP address of your other ISP router.

Also, how do you check if it is routed or not?

Kind Regards,

phantomdj · March 20, 2024, 9:34am

Ok, I’ll try to explain better:
LOCAL LAN is 172.18.180.0/24
So, all computers on local network are 172.18.180.XXX
Now I have a SIM inserted, and I can browse the internet just fine from all local PCs while all PCs can see each other e.t.c.

I also have a second router connected on the WAN port of RUTX50
This router gives the 192.168.2.2 IP on the WAN port (let’s call this ISP B router)

For some reasons I cannot control myself, I need all OUTGOING traffic for IP adresses 172.20.120.0/24 to go out through the WAN port, and not through the SIM card.

The way I test the routing is by simply typing a specific IP on my browser.
If the route works I should see a specific webpage when typing let’s say 172.20.120.100 on my web browser.

If I remove the SIM card (killing that connection) then all traffic goes through the WAN port and I see the given web page. However in this case I have no internet since ISP B is used for a specific “private network” of sorts.

So, I need all outgoing traffic to go out through the SIM card, while any traffic matching the 172.20.120.0/24 pattern to go out through the WAN port.

AndzejJ · March 22, 2024, 1:57pm

Hello,

Did you configure the static route to use WAN interface and the gateway IP is set to WAN IP of ISP B router? The static routes should work fine.

Access the device via CLI/SSH (username ‘root’) and check traffic via TCPdump:

opkg update
opkg install tcpdump
tcpdump -i any icmp

Then, try pinging 8.8.8.8/1.1.1.1 to check if pings from your PC are routed via mobile interface (qmimux0 interface in TCPdump). Afterwards, ping 172.20.120.100 and check if the packets are routed via wired WAN interface (eth1 in tcpdump).

Kind Regards,

system · April 3, 2024, 4:55pm

This topic was automatically closed after 15 days. New replies are no longer allowed.