RV042 - protocol binding not working as advertised

David Kieu · ‎03-26-2015

Hello everyone. I seem to have an issue that I cannot find a solution to and was hoping the support community would be able to help. The platform I am trying this on is the RV042. I have updated the firmware to 4.2.3.03.

The scenario for this configuration involves two RV042 routers.

The office router will only have one ISP.
The remote router will have two ISP where WAN1 will have a high-speed Internet link and WAN2 will have a satellite high-latency Internet link.

I can establish WAN1 on the remote router to create a VPN tunnel back to the office router. This works great. However, I was hoping to use "Protocol Binding" to direct a Service (TCP/5000) to only transmit over WAN2. I was hoping to dedicate WAN2 (satellite connection) specifically for this Service and no other traffic can transmit over WAN2 (even if WAN1 was offline). In the case that WAN2 is offline, this Service will fail on transmit as well.

I am having issues getting this to work. I have created a custom Service for TCP/5000. I have created the "Protocol Binding" for this Service where I have used the computer performing the transmission (192.168.1.100 to 192.168.1.100) to destination (0.0.0.0 to 0.0.0.0) on WAN2.

The problem I have now is if WAN1 goes down (or disconnected), all traffic goes over WAN2. This includes HTTP, HTTPS, etc. On a satellite connection, this can get very costly. Also, if I disconnect WAN2 and leave WAN1 online, I noticed this TCP/5000 traffic is transmitted successfully as well.

This leads me to believe that my Protocol Binding is not configured properly. I have found a few discussions and Internet articles regarding protocol binding with similar issues, but no solution has been given.

I hope someone out there can help!!

mdobiac · ‎03-26-2015

Hello l0p3zz187,

Protocol binding will not forward to an interface that is down and will go out the active interface. So if WAN 2 fails it will failover to WAN 1 and vice versa.

Here is a link to another discussion that may help being somewhat relevant to your issue: https://supportforums.cisco.com/discussion/11975831/rv042-functionality-question-dual-wans'

Hope this helps,

Michael D.

If this post is helpful please rate or mark as correct.

David Kieu · ‎03-26-2015

Thank you for replying Michael. The article did help me understand the RV042 much better.

However, I guess I am looking into the wrong unit for what I am trying to accomplish. I am hoping that when the primary link fails (WAN1), I do not want any of that traffic to failover to WAN2. I want to dedicated WAN2 specifically for TCP/5000.

If the RV042 cannot do this, do you happen to know which device can accomplish what I am looking for? Again, thank you for your response earlier.

mdobiac · ‎03-26-2015

Hello l0p3zz187,

Unfortunately at the Small Business level of devices we do not have a device that will do as you need. I would recommend contacting our Enterprise Presales team to see if they can suggest a device that will meet your needs.

That number is 1-800-553-6387.

Regards,

Michael D.

If this post is helpful please rate or mark as correct.

cassiosimoes · ‎05-14-2015

Any peplink device will do this

Li Zhang · ‎05-27-2015

Protocol Binding is primarily designed for dual-WAN working in load balance mode. When only one WAN connection is active, all traffic going through it is a desired behavior in most cases. If you want to limit traffic for this specific WAN interface, you should use ACL instead of protocol binding. That is, to configure as below:

1. Configure dual-WAN to work in load balance mode.

2. Create a protocol binding rule on WAN2 to bind the service TCP/5000.

3. Create an ACL on WAN2 to deny all traffic.

4. Create an ACL on WAN2 to allow the service TCP/5000.

(#3 must be done prior to #4)

Hope it helps.