Re: [44net] how to route Mikrotik Gateway Commercial IP to the ISP and not to UCSD ?

As I pointed out many times before, the default route of the router has to be via the gateway's public IP, not the tunnel. IMHO, the special case is to send replies to access from the internet via the tunnel back to the tunnel: - set default gateway to your ISP, including masquerade - mark incoming connections from a non-44 source via tunnel with a connection mark of your liking. - mark outgoing traffic with that connection mark with a new routing mark - set the default route for that connection mark/table via tunnel Marius, YO2LOJ On 15.05.2017 20:06, R P wrote: > (Please trim inclusions from previous messages) > _______________________________________________ > Hi there > > I have investigated the High drops that my Router get from UCSD with the help of the new PCAP files that Brian Made available for us > > it tern out that my router MikroTik that sit on the DMZ of the Cable modem > > Is Probed from the outside world in its Commercial IP and send its Trafic to the UCSD interface which is its default route > > How can I redirect packets from the outside world that sent to the router commercial IP to go back to the ISP and not go to the UCSD interface ? > > is there any Mikrotik Expert that can tell me what to do ? > > I need only to route the ip of the router that sit on the DMZ > > I saw that another Mikrotik on the AMPRNT get a lot of drops and it looks it have something similar > > Any help is welcome > > > As i Stated before Im willing to give web telnet Or SSH access > > > Just for Info the router connected on the DMZ of the Main Cable router it uses 192.168.1.x address and the DMZ point to this address > > > Regards > > Any info is more then welcome > > Regards > > Ronen - 4Z4ZQ > > http://www.ronen.org > > Ronen Pinchooks (4Z4ZQ) WebSite<http://www.ronen.org/> > www.ronen.org > ronen.org (Ronen Pinchooks (4Z4ZQ) WebSite) is hosted by domainavenue.com > > > >