Multiple public IPs on WAN

The IP address that was issued by WAN2 still applies to all connected devices.

config redirect                                           
        option name 'Rewrite secondary WAN IP to LAN host'
        option proto 'all'                                
        option src 'wan'                                  
        option src_dip '**.***.**.223'  # WAN2 ip
        option dest_ip ''  #  LAN ip
        option target 'DNAT'                              
config nat                                                
        option name 'Rewrite LAN host to secondary WAN IP'
        option src 'wan'              
        option src_ip ''     # LAN ip
        option snat_ip '**.***.**.223'   # WAN2 ip
        option target 'SNAT'   
        list proto 'all' 

I am not sure what you mean with "applies to all connected devices". Do you mean it is used as source IP for outgoing traffic?

In your "wan2" interface, advanced settings uncheck both "Use default gateway" and "Use DNS servers advertised by peer". See if it solves it.

You can also replace '**.***.**.223' with a literal wan2 in the firewall rules. This way the IP should be automatically derived from the interface so you do not need to update the config in case it ever changes.

I mean, the IP address applies to all devices (including PCs, phones), but I only need to apply it to one device connected to the router.

When I uncheck "Use default gateway" the Internet connection is lost.

Yeah, likely because the WAN2 default route overwrote the WAN one and now after disabling it you have none. Either try reconnecting WAN after disabling the default gateway on WAN2 or reboot the entire router.

Yeah, it helped. Thank you very much!

For some reason, open port 80 stopped working.

config redirect             
        option target 'DNAT'     
        option name 'HTTP'
        option src_dport '80'
        option dest 'lan'
        option dest_ip ''
        option dest_port '80'
        option src 'wan'

Yeah... that is likely caused by the other SNAT rule rewriting all outgoing traffic from to your other *.*.*.223 WAN IP, due to that all ports forwards from the primary WAN IP to this LAN host will likely fail.

There is no good clean solution to this I can think of. If you don't care whether your LAN host uses the primary or secondary WAN IP for internet browsing you could try disabling/removing the SNAT rule.

As a final result, all ports became active after an additional restart of firewall and network services. Everything's working steadily now.

Thanks to everyone who helped!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.