{"id":1417,"date":"2022-03-29T05:03:51","date_gmt":"2022-03-29T08:03:51","guid":{"rendered":"https:\/\/blog.abratel.com.br\/?p=1417"},"modified":"2022-03-29T05:05:36","modified_gmt":"2022-03-29T08:05:36","slug":"rotas-mikrotik-para-correto-failover","status":"publish","type":"post","link":"https:\/\/blog.abratel.com.br\/?p=1417","title":{"rendered":"Rotas Mikrotik para Correto failover"},"content":{"rendered":"<p>Roteador gateway ISP1_ROUTE &#8211; 192.168.15.1 Vivo<br \/>\nRoteador gateway ISP2_ROUTE &#8211; 192.168.18.1 Sumicity<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\n\/ip route\n# Criacao de gateways virtuais (10.1.1.1 e 10.2.2.2) somente para auxiliar: use IPs diferentes de qualquer rede existente.\n# A priorizacao de qual internet sair se troca aqui, invertendo o distance das duas rotas abaixo.\nadd distance=1 gateway=10.1.1.1\nadd distance=2 gateway=10.2.2.2\n\nadd dst-address=10.1.1.1 gateway=8.8.8.8 scope=10 check-gateway=ping\nadd dst-address=10.1.1.1 gateway=208.67.220.220 scope=10 check-gateway=ping\n\nadd dst-address=10.2.2.2 gateway=8.8.4.4 scope=10 check-gateway=ping\nadd dst-address=10.2.2.2 gateway=208.67.222.222 scope=10 check-gateway=ping\n\nadd dst-address=8.8.8.8 gateway=192.168.15.1 scope=10\nadd dst-address=208.67.220.220 gateway=192.168.15.1 scope=10\n\nadd dst-address=8.8.4.4 gateway=192.168.18.1 scope=10\nadd dst-address=208.67.222.222 gateway=192.168.18.1 scope=10\n\nadd distance=2 gateway=10.1.1.1 routing-mark=ISP1_ROUTE\nadd distance=1 gateway=10.2.2.2 routing-mark=ISP1_ROUTE\nadd distance=2 gateway=10.2.2.2 routing-mark=ISP2_ROUTE\nadd distance=1 gateway=10.1.1.1 routing-mark=ISP2_ROUTE\n\n\n# Configuracao completa (script de exportacao).\n# Antes de reutilizar, revise o \/ip firewall filter: a chain input termina com um accept sem condicoes,\n# que aceita tudo o que as regras anteriores nao descartaram.\n\n\n\n# mar\/29\/2022 04:57:06 by RouterOS 6.48.6\n# software id = F0IQ-UDP2\n#\n# model = 750G\n# serial number = 268D0182810D\n\/interface bridge\nadd fast-forward=no name=bridge1\n\/interface ethernet\nset [ find default-name=ether4 ] name=GwGrandstreamUP\nset [ find default-name=ether5 ] name=Server\nset [ find default-name=ether2 ] 
name=SumicityISP2\nset [ find default-name=ether3 ] name=Switch\nset [ find default-name=ether1 ] name=VivoISP1\n\/ip pool\nadd name=dhcp_pool0 ranges=192.168.17.100-192.168.17.198\n\/ip dhcp-server\nadd address-pool=dhcp_pool0 authoritative=after-2sec-delay disabled=no \\\ninterface=bridge1 lease-time=1w3d10m name=dhcp1\n\/interface bridge port\nadd bridge=bridge1 interface=Switch\nadd bridge=bridge1 interface=GwGrandstreamUP\nadd bridge=bridge1 interface=Server\n\/ip address\nadd address=192.168.15.254\/24 interface=VivoISP1 network=192.168.15.0\nadd address=192.168.18.254\/24 interface=SumicityISP2 network=192.168.18.0\nadd address=192.168.17.1\/24 interface=bridge1 network=192.168.17.0\n\/ip cloud\nset ddns-enabled=yes\n\/ip dhcp-server network\nadd address=192.168.17.0\/24 dns-server=192.168.17.1,8.8.8.8,8.8.4.4 gateway=\\\n192.168.17.1\n\/ip dns\nset allow-remote-requests=yes servers=8.8.8.8,8.8.4.4\n\/ip dns static\nadd address=192.168.17.254 name=up.abratel.com.br\n\/ip firewall address-list\nadd address=200.155.0.0\/16 list=BRADESCO\nadd address=200.201.0.0\/16 list=CEF\nadd address=170.66.0.0\/16 list=BB\nadd address=200.220.0.0\/16 list=SANTANDER\nadd address=200.196.0.0\/16 list=ITAU\nadd address=189.56.0.0\/16 list=NOSSACAIXA\nadd address=161.113.0.0\/24 list=HSBC\nadd address=201.77.231.25 list=PrefMuriae\nadd address=187.4.128.0\/18 list=sicoob\nadd address=200.252.146.0\/24 list=sicoob\nadd address=187.72.5.139 list=sicoob\nadd address=186.215.92.171 list=sicoob\nadd address=177.11.48.200 list=&quot;estrela dalva&quot;\nadd address=192.168.17.0\/24 list=lan\nadd address=192.168.2.0\/24 list=lan\nadd address=192.168.3.0\/24 list=lan\nadd address=192.168.4.0\/24 list=lan\nadd address=192.168.5.0\/24 list=lan\nadd address=192.168.6.0\/24 list=lan\nadd address=192.168.8.0\/24 list=lan\nadd address=192.168.9.0\/24 list=lan\nadd address=192.168.10.0\/24 list=lan\nadd address=192.168.11.0\/24 list=lan\nadd address=192.168.13.0\/24 list=lan\nadd 
address=192.168.12.0\/24 list=lan\nadd address=192.168.14.0\/24 list=lan\nadd address=up.abratel.com.br list=wan-ip\n\/ip firewall filter\nadd action=accept chain=input src-address=24.4.133.107\nadd action=drop chain=input dst-port=53 in-interface=VivoISP1 protocol=tcp\nadd action=drop chain=input dst-port=53 in-interface=SumicityISP2 protocol=\\\ntcp\nadd action=drop chain=input dst-port=53 in-interface=VivoISP1 protocol=udp\nadd action=drop chain=input dst-port=53 in-interface=SumicityISP2 protocol=\\\nudp\nadd action=drop chain=input comment=&quot;drop WINBOX brute forcers&quot; dst-port=81 \\\nprotocol=tcp src-address-list=ssh_blacklist\nadd action=add-src-to-address-list address-list=ssh_stage3 \\\naddress-list-timeout=1m chain=input connection-state=new dst-port=81 \\\nprotocol=tcp src-address-list=ssh_stage2\nadd action=add-src-to-address-list address-list=ssh_stage2 \\\naddress-list-timeout=1m chain=input connection-state=new dst-port=81 \\\nprotocol=tcp src-address-list=ssh_stage1\nadd action=add-src-to-address-list address-list=ssh_stage1 \\\naddress-list-timeout=1m chain=input connection-state=new dst-port=81 \\\nprotocol=tcp\nadd action=add-src-to-address-list address-list=ssh_blacklist \\\naddress-list-timeout=14w2d chain=input connection-state=new dst-port=81 \\\nhotspot=&quot;&quot; protocol=tcp src-address-list=ssh_stage3\nadd action=accept chain=input connection-state=&quot;&quot; dst-port=81 protocol=tcp\nadd action=accept chain=forward\nadd action=accept chain=output\nadd action=accept chain=input\n\/ip firewall mangle\nadd action=accept chain=prerouting dst-address=192.168.17.0\/24 src-address=\\\n192.168.17.0\/24\nadd action=accept chain=prerouting dst-port=8085 in-interface=bridge1 \\\nprotocol=tcp src-address=192.168.17.0\/24\nadd action=accept chain=prerouting dst-port=4569 in-interface=bridge1 \\\nprotocol=udp src-address=192.168.17.0\/24\nadd action=accept chain=prerouting comment=&quot;LIBERAR SITES HTTPS&quot; 
\\\ndst-address-list=BB\nadd action=accept chain=prerouting dst-address-list=SANTANDER\nadd action=accept chain=prerouting dst-address-list=sicoob\nadd action=accept chain=prerouting dst-address-list=BRADESCO\nadd action=accept chain=prerouting dst-address-list=PrefMuriae\nadd action=mark-connection chain=prerouting dst-address-list=&quot;estrela dalva&quot; \\\nnew-connection-mark=ISP2_CONN passthrough=yes\nadd action=accept chain=prerouting dst-address-list=CEF\nadd action=accept chain=prerouting dst-address-list=HSBC\nadd action=accept chain=prerouting dst-address-list=ITAU\nadd action=accept chain=prerouting dst-address-list=NOSSACAIXA\nadd action=accept chain=prerouting dst-address-list=SANTANDER\nadd action=accept chain=prerouting dst-port=443 protocol=tcp\nadd action=mark-connection chain=prerouting comment=\\\n------------------------------------------ connection-mark=no-mark \\\nin-interface=VivoISP1 new-connection-mark=ISP1_CONN passthrough=yes\nadd action=mark-connection chain=prerouting connection-mark=no-mark \\\nin-interface=SumicityISP2 new-connection-mark=ISP2_CONN passthrough=yes\nadd action=jump chain=prerouting comment=&quot;====================&quot; \\\nconnection-mark=no-mark in-interface=bridge1 jump-target=policy_route\nadd action=mark-routing chain=prerouting comment=&quot;======================&quot; \\\nconnection-mark=ISP1_CONN new-routing-mark=ISP1_ROUTE passthrough=yes \\\nsrc-address=192.168.17.0\/24\nadd action=mark-routing chain=prerouting connection-mark=ISP2_CONN \\\nnew-routing-mark=ISP2_ROUTE passthrough=yes src-address=192.168.17.0\/24\nadd action=mark-routing chain=output comment=&quot;===========================&quot; \\\nconnection-mark=ISP1_CONN new-routing-mark=ISP1_ROUTE passthrough=yes\nadd action=mark-routing chain=output connection-mark=ISP2_CONN \\\nnew-routing-mark=ISP2_ROUTE passthrough=yes\nadd action=mark-connection chain=policy_route2 comment=\\\n&quot;=======================&quot; dst-address-type=!local 
new-connection-mark=\\\nISP1_CONN passthrough=yes per-connection-classifier=\\\nboth-addresses-and-ports:2\/0\nadd action=mark-connection chain=policy_route dst-address-type=!local \\\nnew-connection-mark=ISP2_CONN passthrough=yes\n\/ip firewall nat\nadd action=src-nat chain=srcnat comment=\\\n&quot;============= Internet =================&quot; out-interface=VivoISP1 \\\nto-addresses=192.168.15.254\nadd action=src-nat chain=srcnat out-interface=SumicityISP2 to-addresses=\\\n192.168.18.254\nadd action=dst-nat chain=dstnat dst-port=8085 protocol=tcp to-addresses=\\\n192.168.17.254 to-ports=8085\nadd action=masquerade chain=srcnat dst-port=8085 out-interface=bridge1 \\\nprotocol=tcp src-address=192.168.17.0\/24 to-addresses=192.168.17.254\nadd action=masquerade chain=srcnat dst-port=4569 out-interface=bridge1 \\\nprotocol=udp src-address=192.168.17.0\/24 to-addresses=192.168.17.254\nadd action=dst-nat chain=dstnat dst-port=4569 protocol=udp to-addresses=\\\n192.168.17.254 to-ports=4569\nadd action=redirect chain=dstnat comment=\\\n&quot;=========  Winbox Redirect vindo da ISP1 ===========&quot; dst-port=1198 \\\nin-interface=VivoISP1 log-prefix=TESTE_ISP1 protocol=tcp to-ports=81\nadd action=redirect chain=dstnat dst-port=1198 in-interface=VivoISP1 \\\nprotocol=tcp to-ports=81\n\/ip route\nadd distance=1 gateway=10.1.1.1 routing-mark=ISP1_ROUTE\nadd distance=2 gateway=10.2.2.2 routing-mark=ISP1_ROUTE\nadd distance=1 gateway=10.2.2.2 routing-mark=ISP2_ROUTE\nadd distance=2 gateway=10.1.1.1 routing-mark=ISP2_ROUTE\nadd distance=1 gateway=10.2.2.2\nadd distance=2 gateway=10.1.1.1\nadd distance=1 dst-address=8.8.4.4\/32 gateway=192.168.18.1 scope=10\nadd distance=1 dst-address=8.8.8.8\/32 gateway=192.168.15.1 scope=10\nadd check-gateway=ping distance=1 dst-address=10.1.1.1\/32 gateway=\\\n208.67.220.220 scope=10\nadd check-gateway=ping distance=1 dst-address=10.1.1.1\/32 gateway=8.8.8.8 \\\nscope=10\nadd check-gateway=ping distance=1 dst-address=10.2.2.2\/32 
gateway=8.8.4.4 \\\nscope=10\nadd check-gateway=ping distance=1 dst-address=10.2.2.2\/32 gateway=\\\n208.67.222.222 scope=10\nadd distance=1 dst-address=208.67.220.220\/32 gateway=192.168.15.1 scope=10\nadd distance=1 dst-address=208.67.222.222\/32 gateway=192.168.18.1 scope=10\n\/ip service\nset telnet disabled=yes\nset ftp disabled=yes\nset www port=1199\nset ssh disabled=yes\nset api disabled=yes\nset winbox port=81\nset api-ssl disabled=yes\n\/ip ssh\nset allow-none-crypto=yes forwarding-enabled=remote\n\/system clock\nset time-zone-name=America\/Sao_Paulo\n\/system identity\nset name=Up-Abratel\n\/system ntp client\nset enabled=yes primary-ntp=200.160.0.8 secondary-ntp=200.189.40.8\n\/system package update\nset channel=long-term\n\/tool bandwidth-server\nset authenticate=no enabled=no\n\/tool netwatch\nadd disabled=yes host=8.8.8.8\nadd disabled=yes host=8.8.4.4\n\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Roteador gateway ISP1_ROUTE &#8211; 192.168.15.1 Vivo Roteador gateway ISP2_ROUTE &#8211; 192.168.18.1 
Sumicity<\/p>\n","protected":false},"author":1,"featured_media":1421,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[7],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/posts\/1417"}],"collection":[{"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1417"}],"version-history":[{"count":6,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/posts\/1417\/revisions"}],"predecessor-version":[{"id":1425,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/posts\/1417\/revisions\/1425"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/media\/1421"}],"wp:attachment":[{"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1417"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1417"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1417"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}