Yesterday, I made a post on how to achieve automatic failover when using a Mikrotik router with two ISP connections. You can find it here. Now, assuming you have successfully set up automatic failover on your Mikrotik router, that means you may probably not know when one of your links goes down because the router automatically switches control to the second
ISP. In such situation, your ISP may be unaware that your connection has gone down. You need a system that notifies you of a downtime so that you, in turn, can notify the ISP, even though control has been switched to the secondary link. This is what I will be sharing with us in this post.
ISP. In such situation, your ISP may be unaware that your connection has gone down. You need a system that notifies you of a downtime so that you, in turn, can notify the ISP, even though control has been switched to the secondary link. This is what I will be sharing with us in this post.
The task is to set up email notification, using netwatch, so that the router, upon noticing that a link is down, will automatically generate an email and, using the second ISP’s internet connection, send the mail to a predefined email address- the network admin’s email address or the concerned ISP’s email address.
Requirements:
Dual ISP connections
Sender’s and receiver’s email addresses
Email server’s IP address
A Mikrotik router with a minimum of three dedicated interfaces. (By dedicated, I mean not a slave to any other interface)
Configuration:
The below codes should be pasted in the new terminal window of your Mikrotik router after you have edited the source and destination email addresses and the server address. To get the IP address of your company’s email server, ask your hosting company, if it is hosted in the cloud or the server administrator, if it is hosted locally. Alternatively, you can get the address of the server by going to email settings on your Microsoft outlook. The in-coming and out-going server addresses are usually the same. Copy any one of them (in-coming or out-going) and ping it from the command prompt of a computer with internet connection. Your DNS server will resolve the address to and IP address so that you can use it for your configuration.
You may also like: How to resolve Site-to-Site VPN authentication issue on Mikrotik and Cisco routers
For ISP1
[admin@MikroTik] system script> add name=primary-down source={/tool e-mail send {… from=”support@timigate.com” server=”173.203.187.9″ body=”ISP1 is down” {… subject=”ISP1 is down” to=”admin@timigate.com”}
[admin@MikroTik] system script> add name=primary-up source={/tool e-mail send {… from=”support@timigate.com” server=”173.203.187.9″ body=”ISP1 is up” {.. subject=”ISP1 is up” to=”admin@timigate.com”}
[admin@MikroTik] system script> /tool netwatch
[admin@MikroTik] system netwatch> add host=197.210.240.55 timeout=999ms … interval=20s up-script=primary-up down-script=primary-down
For ISP2
[admin@MikroTik] system script> add name=secondary-down source={/tool e-mail send {… from=”support@timigate.com” server=”173.203.187.9″ body=”ISP2 is down” {… subject=”ISP2 is down” to=”admin@timigate.com”}
[admin@MikroTik] system script> add name=secondary-up source={/tool e-mail send {… from=”support@timigate.com” server=”173.203.187.9″ body=”ISP2 is up” {.. subject=”ISP2 is up” to=”admin@timigate.com”}
[admin@MikroTik] system script>
[admin@MikroTik] system script> /tool netwatch
[admin@MikroTik] system netwatch> add host=197.210.43.44 timeout=999ms … interval=20s up-script=secondary-up down-script=secondary-down
The last part is making sure that the pings used in testing the reachability of each ISP’s gateway goes out only through the interface that connects to that ISP.
For ISP1
[admin@MikroTik.] > ip firewall filter add chain=forward dst-address=197.210.240.55 protocol=icmp out-interface=ether2 action=drop
For ISP2
[admin@MikroTik.] > ip firewall filter add chain=forward dst-address=197.210.43.44 protocol=icmp out-interface=ether1 action=drop
The first rule drops all icmp packets to ISP1 via the interface connecting to ISP2 while the second rule drops all icmp packets to ISP2 via the interface connecting to ISP1.
If you have any questions, please use the comment box. Thanks for ready and stay safe.
I have a question i have configured my Mikrotik Router hEX with PCC method with dual ISP all the things are working fine even failover is working good which is configured with Netwatch the issue is when my Primary ISP goes down it is not generate alert through email on generate email when ISP gets UP.
My both ISPs are coming through Netting with PPPOE and i don’t have static Gateway by ISP, so when any ISP goes down my both WAN interfaces are UP and Gateways gives reply.
So, for failover i apply the Netwatch rule with google DNS to check the routs from my router and if Primary Link goes down then Netwatch see and disable my Primary route from the router and the all LAN traffic runs through the second ISP.
So i hope you understand my whole scenario of the configuration. Kindly tell me can you resolve my “ISP Down” email alert issue. when my primary Link down the email generate from my secondary link.
I hope you understand what i want to say and hoping that you’ll find the solution and get back to my soon.
Hi Team, This script is not working properly, It’s giving error.
So can you please share the correct script.
Yeah, very helpful. Thanks.
Can you also help with showing my ISP name instead of my providers name to customers when they view whoer.net or fast .com
Apologies for my late response, Benjamin. To have your company’s name displayed to your customers instead of your providers’, you need a registered AS number and IP prefix, then run bgp peering with your providers to advertise your prefixes to the rest of the world. Thanks