Email notification: how to configure email notifications on a Mikrotik router using netwatch

Yesterday, I made a post on how to achieve automatic failover when using a Mikrotik router with two ISP connections. You can find it here. Now, assuming you have successfully set up automatic failover on your Mikrotik router, that means you may probably not know when one of your links goes down because the router automatically switches control to the second
ISP. In such situation, your ISP may be unaware that your connection has gone down. You need a system that notifies you of a downtime so that you, in turn, can notify the ISP, even though control has been switched to the secondary link. This is what I will be sharing with us in this post.
The task is to set up email notification, using netwatch, so that the router, upon noticing that a link is down, will automatically generate an email and, using the second ISP’s internet connection, send the mail to a predefined email address- the network admin’s email address or the concerned ISP’s email address.
Requirements:
Dual ISP connections
Sender’s and receiver’s email addresses
Email server’s IP address
A Mikrotik router with a minimum of three dedicated interfaces. (By dedicated, I mean not a slave to any other interface)
Configuration:
The below codes should be pasted in the new terminal window of your Mikrotik router after you have edited the source and destination email addresses and the server address. To get the IP address of your company’s email server, ask your hosting company, if it is hosted in the cloud or the server administrator, if it is hosted locally. Alternatively, you can get the address of the server by going to email settings on your Microsoft outlook. The in-coming and out-going server addresses are usually the same. Copy any one of them (in-coming or out-going) and ping it from the command prompt of a computer with internet connection. Your DNS server will resolve the address to and IP address so that you can use it for your configuration.

You may also like: How to resolve Site-to-Site VPN authentication issue on Mikrotik and Cisco routers

For ISP1

[[email protected]] system script> add name=primary-down source={/tool e-mail send {… from=”[email protected]” server=”173.203.187.9″ body=”ISP1 is down” {… subject=”ISP1 is down” to=”[email protected]”}

[[email protected]] system script> add name=primary-up source={/tool e-mail send {… from=”[email protected]” server=”173.203.187.9″ body=”ISP1 is up” {.. subject=”ISP1 is up” to=”[email protected]”}

[[email protected]] system script> /tool netwatch

[[email protected]] system netwatch> add host=197.210.240.55 timeout=999ms … interval=20s up-script=primary-up down-script=primary-down

 

For ISP2

 
[[email protected]] system script> add name=secondary-down source={/tool e-mail send {… from=”[email protected]” server=”173.203.187.9″ body=”ISP2 is down” {… subject=”ISP2 is down” to=”[email protected]”}
[[email protected]] system script> add name=secondary-up source={/tool e-mail send {… from=”[email protected]” server=”173.203.187.9″ body=”ISP2 is up” {.. subject=”ISP2 is up” to=”[email protected]”}
[[email protected]] system script>
[[email protected]] system script> /tool netwatch
[[email protected]] system netwatch> add host=197.210.43.44 timeout=999ms … interval=20s up-script=secondary-up down-script=secondary-down
The last part is making sure that the pings used in testing the reachability of each ISP’s gateway goes out only through the interface that connects to that ISP.

For ISP1

 
[[email protected]] > ip firewall filter add chain=forward dst-address=197.210.240.55 protocol=icmp out-interface=ether2 action=drop

For ISP2

[[email protected]] > ip firewall filter add chain=forward dst-address=197.210.43.44 protocol=icmp out-interface=ether1 action=drop
 
The first rule drops all icmp packets to ISP1 via the interface connecting to ISP2 while the second rule drops all icmp packets to ISP2 via the interface connecting to ISP1.
If you have any questions, please use the comment box. Thanks for ready and stay safe.
Spread the love

Timigate

Ashioma Michael, a BSc (Computer Science)., MTCNA, CCNA, and CCNP holder with many years of industry-proven experience in network design, implementation and optimization. He has tutored and guided many professionals towards obtaining their Cisco certifications. Mike works as a senior network engineer with one of the leading internet service providers in West Africa.

Leave a Reply

Your email address will not be published. Required fields are marked *