RV082 Protocol Binding issues with failover or VPN

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by BigHusky, Mar 14, 2007.

  1. BigHusky

    BigHusky LI Guru Member


    We have a T-1 on WAN 1 and a Business Cable 10Mb/1Mb on WAN 2.

    When we set up the RV082 in Load Balancing mode we end up having to use a few protocol bindings for proper operation.
    We direct all HTTP and FTP traffic over WAN2, SSH and HTTPS over WAN1.

    Two things that we have observed with this configuration:

    1. Last week the Cable Connection failed and no one could get to any web sites. So the Protocol binding will not be overwritten in case of failure, thus fail-over on the RV082 doesn't work with any protocols you bind to the Interface and that Interface fails.

    2. In the same category we discovered a similar situation when connecting to the RV082 with VPN. On the interface that you assign to the VPN connection you will only be able to use the protocols that are bound to that same interface or not bound at all. The protocols that are bound to the other Interface will miserably fail.
    So in the example above setting up the VPN to use WAN1 means you can use any program/app/protocol successfully except you can't access any web sites or ftp sites.
    If we change the VPN to use WAN2 then we can get to the web sites but then we can't do any ssh.

    Sadly, after long trial and error, in order to be able to use the load balancing feature at all in the office we had to use the Protocol binding for proper operation, and that is now biting us in the behind as we don't have fail-over and we don't have VPN.

    If there is anything else we can try I sure would appreciate any comments/hints/help. BTW, this is with any of the available firmwares.



  2. pablito

    pablito Network Guru Member

    1. I find that failover does work with protocol binding which in one case is a problem for me. I bind outbound SMTP to WAN2 because WAN1 is a cable modem that will get trapped by dynamic RBL lists. WAN2 went down one day and email started going out WAN1 which I didn't want to happen. Perhaps there is a difference in functionality depending on direction?

    In fact besides binding specific protocols to WAN2 I bind all the IPs to WAN1 to prevent the flip flop IP problems. The precedence seems to work as I had hoped (specific protocols 1st then by IP) including failover when a WAN does go down.

    2. I'll need to check that myself because I have a problem with net-net VPNs that won't allow SMTP in one direction but is ok in the other. Perhaps this binding is the problem. However it doesn't seem to matter which interface I run the VPN on, I can no longer run SMTP over the VPN (maybe because VPN is on ipsec0 instead of WANx and binding is now literal?). This was ok on earlier firmware versions.

    So now I'm a bit confused about how to handle this. On the one hand I was surprised that failover did work even in the case that I didn't want it to work. This points to my SMTP over VPN problem. The issues are related it seems.

    I wish we could get a 3rd party version and finally fix these things.