RV042 Dual WAN Bank Website Issue

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by mmcalis1, Nov 21, 2005.

  1. mmcalis1

    mmcalis1 Network Guru Member

    Here is an odd one and I wondered if anyone had an idea.

    Some people in my office have reported strange goings on when they access their bank account from inside the office when using the Dual Wan feature of the RV042. This seems to effect LloydsTSB and HSBC.

    They can logon to their accounts but randomly they get logged off!

    I can only think that they begin the the session through one of the Dual Wan ports, say WAN1, and then half way through the RV042 switches them to the other WAN2 - then I think the bank website senses the IP change and thinks something is odd so logs them off - perhaps they are using the IP address in determining/ validating sessions?

    If this is the case how can I get round this issue? Is the router IP session aware?

    Or can I use static routing to force the box to only use WAN2 for HSBC/LTSB IP addresses? It would be very useful instead to use the domain name in the static routing and not just an IP - i.e force all HTTPS requests to www.hsbc.co.uk to go through WAN2.

    The problem is futher compounded as all users go through a Squid No-Cache Proxy before going through the RV042 so I probably can't even control WAN1/2 access from originating IP as the RV042 just sees the originating IP as the Squid Server IP - correct?

    Your thoughts would be appreciated!

  2. mlai

    mlai Network Guru Member

    I think you can bind outgoing https traffic to go thru a single WAN. That's what I am doing on my RV082......
  3. DigiGuru

    DigiGuru Network Guru Member

    I can confirm this issue.

    The only resolution we have found too is to bind all HTTPS (port 443 TCP) traffic over one WAN connection.

    This also afftected some shopping basket systems (eg: play.com)

    All work ok now :)
  4. mmcalis1

    mmcalis1 Network Guru Member

    Thanks I have done this now and all seems ok!

    Does beg the question of why did I buy a dual WAN router when I have to bind a protocol through one WAN port!!!!!

    I have since had to do the same for ports 80, 8080 and 8443!

    It seems JSP sites can use IP based session id's for both HTTP and HTTPS - if you visit one of these sites you randonly get booted out!

    We have also had to do this for any SSH port 22 requests!

    Surely the Dual WAN router could be a bit smarter!!!!

  5. jsidoti

    jsidoti Guest

    this topic was a life saver...

    I just installed an RV082 and we suddenly had problems with our online banking.

    so thanks for the tip

  6. Lazybones

    Lazybones Network Guru Member

    It depends how the router does the load balancing.. The XiNCOM units have several different modes.. I hear one of the best is balancing per session.. This prevents the router from breaking secure connections like HTTPS but still spreads things out. To get a advantage for download speed of a single file though you would need to use a download manager or program that opens more than one session per file.
  7. FunFunFun

    FunFunFun Network Guru Member

    How to for dummies...

    How do you bind https traffic to WIN1 or WIN2 on the RV042?

  8. JShadden

    JShadden Network Guru Member

    I would like to know how to bind https traffic as well. I'm a little confused as to what addresses I should put in for the destination IP range.
  9. logandzwon

    logandzwon Network Guru Member

    rv042 doesn't let you configure it the same way as rv082
  10. FunFunFun

    FunFunFun Network Guru Member

    RV042 Load Balancing and HTTPS

    So that RV042 can't do load balancing unless you don't need HTTPS. Is there another way around?
  11. omegared

    omegared Network Guru Member

    To answer some of your questions regarding binding traffic to a specific port. Go to the router configuration page then select system management. If you have the router set up for load balancing as oppose to Smart Link backup you should be able to scroll down on this page and bind different protocals to WAN1 or WAN2. If you guys need futher help feel free to respond.
  12. logandzwon

    logandzwon Network Guru Member

    nope, not on RV042

    We can bind service from an ip, or range up to a class C to an ip or range of IPs upto a class A.

    Aside from that, it doesn't really work well.
  13. s3bi

    s3bi Guest

    What we can do. (we with the RV042) I realy need this.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice