Cellular internet failover using mikrotik devices

I found an old Huawei E352 modem laying around, got a brand new Orange prepaid sim card for it to make some use of it. After some tinkering I was able to set up a fail-over WAN for a mikrotik device, so I thought I’ll share my experiences.

Log in to your router using winbox:

01

Go to System -> Resources:

02

The Resources panel will appear, click the USB button:

03

The list of connected USB devices will show up. Note that there is nothing connected at the moment, the only entry is the host controller interface:

04

Now, that I plugged it in, the modem appears on the list:

05

Let’s set it up! Go to PPP on the left side menu:

06

Click on the blue + button on the PPP screen and select PPP Client from the drop down list:

07

The New Interface panel will appear. Under the General tab a Name for the connection, set the proper USB Port and enter the APN, for orange it is usually internet:

08

Make sure that under the PPP tab the Default Route Distance is set to 0:

09

After you hit OK the interface should look something like this:

10

Now, let’s set up masquerading for the PPP interface. Go to IP -> Firewall:

11

The Firewall panel will shows up:

12

Go to the NAT tab:

13

Clikc on the blue + button:

14

Enter the NAT rule as follows:

General tab:

Chain: srcnat

Out. Interface: Orange (the one we created earlier)

15

Action tab:

Action: masquerade

Hit OK to save it:

16

Now you should have 2 masquerade rules:

17

We can check if the interface is getting an address by going to IP -> Addresses:

18

Note that the interface does indeed get an IP address:

19

Now let’s test if the connection is alive. Go to Tools -> Ping:

20

Enter an address to ping, for example google.com, set the interface to Orange and hit Start. You should get replies like below:

21

To verify if everything is set up as needed go to IP -> Routes:

22

Leave the panel open, and open up PPP as well:

23

Disable the PPP interface. Notice how the default route for the Orange interface disappears:

24

Knowing that the default route is always the one with the shortest distance and that our PPP interface’s interface is set to 0 (always the shortest) we can safely assume that all internet traffic will be routed through it, if available, else through the ether1. We can create a pretty basic script that monitors the default gateway of ether1 and if it fails brings up the PPP interface. Let’s make that happen!

Go to System -> Scheduler:

25

The Scheduler screen will pop up:

26

Click on the blue + button to create a new schedule:

27

Enter the following:

Name: OrangeFailover (or anything else you want, really)

Interval: 00:01:00 (this will make it run every minute)

On Event:


:local PingResult [/ping 192.168.1.254 interface=ether1-gateway count=3]

:local Link ($PingResult>1)

if (!$Link) do={
if ([/interface ppp-client get [find name=Orange] running]=false) do={
/tool sms set receive-enabled=no
/interface set Orange disabled=no
}
}

if ($Link) do={
if ([/interface ppp-client get [find name=Orange] running]=true) do={
/interface set Orange disabled=yes
/tool sms set receive-enabled=yes
}
}

28

After you hit OK, the scheduler screen should look similar to this:

29

Now to test it out let’s go to Interfaces:

30

And disable our gateway interface:

31

After less than a minute the PPP interface should get enabled and internet should be restored:

32

Leave a Reply

Your email address will not be published. Required fields are marked *