Difference between revisions of "UPnP Multi-WAN"

From MikroTik Wiki
Jump to: navigation, search
m
(working solution)
Line 6: Line 6:
  
  
:foreach i in=([/ip fi nat find dynamic]) do={/ip fi nat add chain=dstnat dst-address="<WAN2 IP>" protocol=[/ip fi nat get $i protocol] to-addresses=[/ip fi nat get $i to-addresses] to-ports=[/ip fi nat get $i to-ports] action=dst-nat dst-port=[/ip fi nat get $i dst-port] comment="UPnP_Cloned"}
+
:global UPnPs [/ip fi nat find dynamic]; :if ($UPnPs != $UPnPz) do={ :global UPnPz; :set $UPnPz $UPnPs; /ip fi nat remove [/ip fi nat find comment="UPnP_Cloned"]; :foreach i in=([/ip fi nat find dynamic]) do={/ip fi nat add chain=dstnat dst-address="<WAN 2 IP>" protocol=[/ip fi nat get $i protocol] to-addresses=[/ip fi nat get $i to-addresses] to-ports=[/ip fi nat get $i to-ports] action=dst-nat dst-port=[/ip fi nat get $i dst-port] comment="UPnP_Cloned"}}
  
  
NOTE: A fix is needed to clone only new Dynamic NAT entries
 
  
 
+
3. For large networks you may find it useful to clean any Dynamic NAT entries and cloned NAT entry every other night, as old ones may pile up:
3. Schedule cloned NAT entry removing every other night:
 
  
 
/ip firewall nat remove [/ip firewall nat find comment="UPnP_Cloned"]
 
/ip firewall nat remove [/ip firewall nat find comment="UPnP_Cloned"]

Revision as of 10:22, 18 May 2014

1. Make the simplest UPnP config for just WAN1.

2. Add the following script: will clone UPnP NAT entries from WAN1 as normal NAT entries for WAN2: (Schedule every few minutes) (set <WAN2 IP> manually)


global UPnPs [/ip fi nat find dynamic]; :if ($UPnPs != $UPnPz) do={ :global UPnPz; :set $UPnPz $UPnPs; /ip fi nat remove [/ip fi nat find comment="UPnP_Cloned"]; :foreach i in=([/ip fi nat find dynamic]) do={/ip fi nat add chain=dstnat dst-address="<WAN 2 IP>" protocol=[/ip fi nat get $i protocol] to-addresses=[/ip fi nat get $i to-addresses] to-ports=[/ip fi nat get $i to-ports] action=dst-nat dst-port=[/ip fi nat get $i dst-port] comment="UPnP_Cloned"}}


3. For large networks you may find it useful to clean any Dynamic NAT entries and cloned NAT entry every other night, as old ones may pile up:

/ip firewall nat remove [/ip firewall nat find comment="UPnP_Cloned"]