UPDATE: See this post for an improved solution to the same problem.

Having a reliable internet connection is important to me, especially since I work remotely. Downtime can be incredibly frustrating and potentially costly. That’s why I decided to set up auto failover between my two WAN connections on my MikroTik router. Here, I’ll walk you through how I accomplished it using the router’s built-in scripting capabilities.

Getting Started in the Web UI

To automate the failover between WAN connections, I used MikroTik’s scripting feature. Here’s how I set it up:

  1. Navigate to the Scripts Section: In the MikroTik web UI, go to System > Scripts > Add New

  2. Create a New Script: Name your script something descriptive like gateway-route. You can choose any name you like, but remember what you picked for later steps.

  3. Paste the Script: Copy and paste the following script into the “Source” field:

    :log info "starting dhcp client script";

:if ($bound = 1) do={
    :log info "adding new route for default gateway";

    :if ($interface = "wan") do={
        :log info "adding new default gateway route for wan interface";

        /ip route remove [ find comment=$interface ];
        /ip route add disabled=no dst-address=0.0.0.0/0 check-gateway=ping distance=10 gateway=$"gateway-address" comment=$interface
    }

    :if ($interface = "wwan") do={
        :log info "adding new default gateway route for wwan interface";

        /ip route remove [ find comment=$interface ];
        /ip route add disabled=no dst-address=0.0.0.0/0 check-gateway=ping distance=20 gateway=$"gateway-address" comment=$interface;
    }

} else={
    :log info "removing old route for default gateway on interface $interface";

    /ip route remove [ find comment=$interface ]
}

    In this script, I assumed wan is my primary connection and wwan is my backup. If your connection names are different, update the script accordingly.

Adjusting the DHCP Client Settings

To make sure the route changes happen automatically when the router obtains a new DHCP lease, I had to tweak a few settings for each of my WAN interfaces.

  1. Go to IP > DHCP Client.
  2. For each WAN connection referenced in the script, do the following:
    • Set Add Default Route to “no”.
    • Set Script to whatever you named your script (for me, gateway-route).

How It Works

Now, when my MikroTik router gets a new DHCP lease on either WAN connection, it runs the script. The script creates a default route for each connection and assigns a different distance value to each. A lower distance gets higher priority. This means my primary WAN is always preferred. If that fails, traffic automatically switches over to my backup WAN.

Things to Keep in Mind

There is one caveat I did notice. This method checks if the gateway itself is reachable, not whether there’s actually usable internet on the other side of that gateway. If there’s a problem further upstream (like your ISP’s router malfunctioning), your router might think the route is healthy even though the connection is useless. For more granular monitoring, you can experiment with netwatcher scripts, but that’s a topic I’ll save for a future post.

Final Thoughts

With a simple script and a bit of tweaking in the DHCP client settings, I now enjoy peace of mind knowing that a single WAN failure won’t take my whole network offline. If you’re in a similar situation, I hope this guide is helpful to you.