How to make RV082 access secure web sites in load balanced mode

Answered Question
Aug 20th, 2009

I just purchased an RV082 Dual WAN gateway/router because I have both Cable and DSL feeds into my office. It all works fine until I try to access a secure web site or have a conversation through my Vonage internet phone. In failover mode it all works. As soon as I select load balancing, I have failures. I don't see this listed anywhere as a "known problem" so there must be some kind of workaround if this is not a bug. Has anyone else seen this and how have you solved thes?

thanks

Poul

^..^

I have this problem too.
0 votes
Correct Answer by Te-Kai Liu about 7 years 5 months ago

>So I set both HTTPS port:443 and HTTPS Secondary port:8443 to WAN1 and that seems to work so far. I assume that the router will still automatically switch to WAN2 should WAN1 fail.

SR: That's correct.

Correct Answer by Steven DiStefano about 7 years 5 months ago

I agree with David.  For a website login page that requires multiple https/tcp sessions coming from the same IP address, RV0xx load balance (round robin) for incoming TCP sessions alone wont work.   Use the Service management configuration to bind https protocol (443) to one of the WAN interfaces and see if that helps.

Correct Answer by David Carr about 7 years 5 months ago

The problem you are having is your doing load balance and the traffic to the secure site is going out both wan's.  The secure site is waiting for a response from the original wan ip that established the connection and then it receives the reply from the other wan ip address.  This is a common issue.  You can do protocol binding under the system management tab and have all your https traffic going out one wan ip address, this will fix this issue.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Correct Answer
David Carr Fri, 08/21/2009 - 06:32

The problem you are having is your doing load balance and the traffic to the secure site is going out both wan's.  The secure site is waiting for a response from the original wan ip that established the connection and then it receives the reply from the other wan ip address.  This is a common issue.  You can do protocol binding under the system management tab and have all your https traffic going out one wan ip address, this will fix this issue.

Correct Answer
Steven DiStefano Fri, 08/21/2009 - 07:27

I agree with David.  For a website login page that requires multiple https/tcp sessions coming from the same IP address, RV0xx load balance (round robin) for incoming TCP sessions alone wont work.   Use the Service management configuration to bind https protocol (443) to one of the WAN interfaces and see if that helps.

coolcoyote Fri, 08/21/2009 - 11:40

So I set both HTTPS port:443 and HTTPS Secondary port:8443 to WAN1 and that seems to work so far. I assume that the router will still automatically switch to WAN2 should WAN1 fail.

Taking your lead, to get my Vonage phone adapter unit to behave, I assigned it a static address in my network and then assigned "all traffic" at that ip address to WAN2. Once again I assume that it will failover automatically. Does this sound like the correct thing to do? It seems to work. And if you know, please comment on the failover when in load balancing mode.

thanks

Poul

^..^

Correct Answer
Te-Kai Liu Fri, 08/21/2009 - 13:26

>So I set both HTTPS port:443 and HTTPS Secondary port:8443 to WAN1 and that seems to work so far. I assume that the router will still automatically switch to WAN2 should WAN1 fail.

SR: That's correct.

coolcoyote Fri, 08/21/2009 - 14:40

Thank you all for your help. I appreciate your answers.

I want to mention something I discovered that I did not pick up from the documentation. When setting up my Vonage telephone adapter for a static IP address, I thought I had to configure the adapter as well as the RV082. It turns out that I could leave the Vonage TA in DHCP mode and still enter an IP address (on the RV082 in load balancing mode) for a given mac address. This had the effect of reserving that IP address and assigning it to the Vonage TA every time it comes on line. Then I could use that IP address to select which WAN to use and what priority or speed. Very cool...   :-)

Poul

^..^

Actions

This Discussion