What's new
By:

Asuswrt-Merlin - Failover Only for Specific Devices

lijoppans

lijoppans

New Around Here
I have a primary high speed connection and a 4G as secondary connection. But I need it to use the secondary connection only for some specific devices. Is there any way to do so ? When the primary WAN goes down, some devices should be able to access internet via secondary WAN. And let other non-critical devices have no internet connection.
 
Did you ever devise a solution? I want to do the same failover to limited devices only. I have CradlePoint LTE, Asus WiFi router and a Netgear switch. Happy to purchase another device for simplicity.

I am wondering if VLAN can help.
 
I am sorry I did not see this post back in 2022.

Pretty much the same requirements for my needs: fast primary wan, slow cell secondary.

If you want to COMPLETELY stop certain devices from accessing your secondary wan under any circumstance, you add something like this into your firewall-start script: In my case, I want to allow devices that have an ip address between .1 and .15, and block anything else. The devices which I want to have access during wan failover are assigned an IP within the .1 to .15 range.

PLEASE NOTE that I am using eth0 (normal wan port) as my secondary wan, since I am using eth5 as my primary


iptables -I OUTPUT 1 -s 192.168.50.16/28 -o eth0 -j DROP
iptables -I FORWARD 1 -s 192.168.50.16/28 -o eth0 -j DROP

iptables -I OUTPUT 1 -s 192.168.50.32/27 -o eth0 -j DROP
iptables -I FORWARD 1 -s 192.168.50.32/27 -o eth0 -j DROP

iptables -I OUTPUT 1 -s 192.168.50.64/26 -o eth0 -j DROP
iptables -I FORWARD 1 -s 192.168.50.64/26 -o eth0 -j DROP

iptables -I OUTPUT 1 -s 192.168.50.128/25 -o eth0 -j DROP
iptables -I FORWARD 1 -s 192.168.50.128/25 -o eth0 -j DROP

I chose to use CIDR to keep things short and sweet by blocking entire ranges at once. But you could enter specific IPs to ban.

When eth5 (primary wan) goes down, traffic from 192.168.50.1 to 192.168.50.15 is allowed through eth0 (secondary wan) while every other device on my network is blackholed.
 
You must log in or register to reply here.

Similar threads

P
Security Problem on Asus RT-BE88U same on RT-AX88U Dual WAN Enabled
Replies
1
Views
482
dave14305
dave14305
FoxBazo
Dual-Wan issue on Merlin 3006.102.4 - do I need to waith for newt update or do I need to try the alternative Failover script (amtm)
Replies
7
Views
2K
Livin
L
maghuro
Suggestion: Allow selecting interface for NAT rules (Virtual Server / Port Forwarding)
Replies
2
Views
356
maghuro
maghuro
K
Quectel RM520N-GL 5G modem – Dual WAN setup guide
Replies
0
Views
2K
kuchkovsky
K
D
Laptop Fails to Connect to Internet When Using AiMesh Node
Replies
11
Views
1K
degrub
D
Similar threads
Thread starter Title Forum Replies Date
RMerlin Release Asuswrt-Merlin 3004.388.11 is now available Asuswrt-Merlin 14
garycnew Asuswrt-Merlin 3004.288.8_4 /jffs Partition Nuked on Random Reboot Asuswrt-Merlin 6
RMerlin Beta Asuswrt-Merlin 3004.388.11 Beta is now available Asuswrt-Merlin 28
Jack-Sparr0w Sparrows Suricata - IDS on AsusWRT Merlin Asuswrt-Merlin 9
RMerlin [Announcement] Removal of AiCloud from Asuswrt-Merlin Asuswrt-Merlin 44
RMerlin Release Asuswrt-Merlin 3006.102.6 is now available Asuswrt-Merlin 227
RMerlin Beta Asuswrt-Merlin 3006.102.6 Beta is now available Asuswrt-Merlin 192
B Asuswrt-Merlin v3006.102.5 channel/bandwidth switching Asuswrt-Merlin 4
N Incorrect behavior of Asuswrt-Merlin and inability to restore stock firmware on Asus RT-AC66U B1 Asuswrt-Merlin 12
C Does minidlna get installed by default (asuswrt-merlin 3006.102.5) Asuswrt-Merlin 2

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,989 (members: 20, guests: 1,969)
Back
Top