RV082, VPN and Dual Internet Connections

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by fowen, Mar 21, 2006.

  1. fowen

    fowen Network Guru Member

    I have a RV082 setup on my network handling a IPSec VPN tunnel with a BEFVP41 as the endpoint. We are using Cox Cable (6MB/1MB) for our main internet connection and we are using Qwest DSL (3MB/1MB) for a backup connection.

    I setup the BEFVP41 at the remote location over the weekend and everything worked great. When i got in on Monday all 3 of my PPTP VPN users (PPTP VPN Server is a Windows 2000 server box) were complaining about speed issues and Internet Browsing seemed laggy on the LAN. I pulled up MRTG and noticed the IPSec connection (with the backup server) was eating up all of the available upload bandwidth on our Cox Connection. I suspended the backup server and everything went back to normal.

    I have two potential solutions for this but I am not sure how either may/may not would work.

    1. I would like to use the Qwest backup connection on WAN2 for the IPSec tunnel. This way users can use the Cox connection for their PPTP connections and Basic Internet Use

    2. I setup port priority so the port the VPN server is using is running on "High" priority. The router seems to give the IPSec tunnel a higher priority on the network then the port I set to high. Is there a way to set the IPSec tunnel to a low priority?

    My last solution to this issue it to go grab another BEFVP41 and setup the IPSec tunnel to use this router on the DSL connection. If I do this I may as well get rid of the RV082 and put back our old router which I rather wouldn't do.

    Does anyone know how to do either option #1 or option #2? Do you have another solution that may work for me?
  2. d__l

    d__l Network Guru Member

    Would binding the IPSec port 500 to WAN2 or something similar work? This is just a speculative suggestion as I'm interested in the solution to this sort of problem myself before I acquire an RV082.

    I'm wondering if this is something unique to using a Back Up WAN setting that a Load Balancing arrangement might avoid.
  3. fowen

    fowen Network Guru Member

    After further research it looks like the RV082 WAN2 port will only work for fail over and not load balancing so we can't bind IPSec to WAN2.

    It does appear the RV016 does allow for load balancing. Can someone comment on whether or not we would be able to use WAN2 for our incoming IPSec tunnels?
  4. Toxic

    Toxic Administrator Staff Member

    By the looks of the "System Management" page you should be able to select "Load balance" then select a service (IPSec UDP/500~500) using WAN2 interface.

    would this suffice?

    this should be on your

    Sys-Management-Dual-WAN-Load-Balance.htm page.

    like so:

  5. fowen

    fowen Network Guru Member

    After playing around in the router I found the load balancing option (even after the tech on the phone told me it was impossible).

    If I bind port 500 to WAN2 do I also put the destination IP as the router's local IP ( since the RV082 is handling the IPSec tunnel?
  6. d__l

    d__l Network Guru Member

    Frankly it looks as though those bindings apply to outgoing requests and not incoming so if the VPN connection is made from the BEFVP41 to your RV082, my binding suggestion may be an unworkable solution. Sorry about that.

    When you set up the tunnels on the VPN page, did you try specifying WAN2 that the tunnels was to connect through? This may be a better way to force the IPsec tunnel to the WAN2 side.
  7. fowen

    fowen Network Guru Member

    I cannot believe I missed that.

    Not only that but Linksys support ALSO told me sending IPSec traffic must go over WAN1. Earlier they told me this model only did fail over. When are they going to pull their heads out of their assess?
  8. d__l

    d__l Network Guru Member

    Well let me know how this forcing IPsec VPN to a specific WAN works with Load Balancing. It will help me make my purchasing decision for an RV082. :)
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice