Nonsensical.............
The use of the dst address first entry is to ensure any traffic to any other subnets, doesnt go out the tunnel. Since we are forcing anything with a source address of 10...5 out the tunnel.
So in this case the first rule makes no sense to me????
OK, I think I understood what you meant. Is this better?
Code:
/routing tableadd disabled=no fib name=useWAN2/routing ruleadd action=lookup-only-in-table disabled=no dst-address=10.10.1.0/24 table=\ mainadd action=lookup-only-in-table disabled=no dst-address=10.10.2.0/24 table=\ mainadd action=lookup-only-in-table disabled=no dst-address=10.10.3.0/24 table=\ mainadd action=lookup-only-in-table disabled=no dst-address=10.10.4.0/24 table=\ mainadd action=lookup disabled=no src-address=10.10.5.0/24 table=useWAN2/ip routeadd check-gateway=ping disabled=no distance=4 dst-address=0.0.0.0/0 gateway=\ 27.125.128.1%wan2 pref-src="" routing-table=main scope=30 \ suppress-hw-offload=no target-scope=10add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\ 27.125.128.1%wan1 pref-src="" routing-table=main scope=30 \ suppress-hw-offload=no target-scope=10add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=27.125.128.1%wan2 \ pref-src="" routing-table=useWAN2 scope=30 suppress-hw-offload=no \ target-scope=10Statistics: Posted by dalben — Mon Dec 25, 2023 12:42 pm