I'm configuring an EdgeRouter Lite with firmware v1.9.0.
eth0 is connected to ISP 1 which will be the ISP used for internet traffic.
eth1 is connected to ISP 2 which will be used for specific network services.
eth2 is connected to the LAN side with a couple of VLANs.
Because of the different nature of both ISPs, load-balancing and/or failover will never be an option in this setup.
VPN access is provided by a server inside the LAN and will only be accessed from eth0.
So I need to "open some ports" to get VPN traffic from ISP 1 to the LAN.
There will also be 1 incoming connection from ISP 2 to the LAN.
So I need to "open some ports" to get traffic from ISP 1 to the LAN as well.
I've learned by now that I need to use Destination NAT to send the traffic from the ISPs to the LAN side.
But I also need to create firewall rules. That's where I'm struggling right now, because I see only a WAN_IN firewall ruleset for both eth0 and eth1.
Should I replace the WAN_IN ruleset by two rulesets, for instance WAN_ETH0_IN and WAN_ETH1_IN?
Any tips would be greatly appreciated.
(By the way: haven't tested anything yet. I'm preparing the config before I go on site.)