Hello, I need some help :
I have dual WAN connections on rv042G in "office 1". LAN is 192.168.10.x
A gateway to gateway VPN is made with another "office 2" on rv042G too.
The goal is to reach the LAN of the other "office 2" : 192.168.5.x
Now I need to use protocol binding :
One LAN ip need to use WAN 2 :
All traffic :192.168.10.77~77(0.0.0.0~0.0.0.0)WAN2 -> Working
The rest of LAN should use WAN 1 (same as the VPN)
When I create this rules, I can't reach the "office 2" LAN :
All traffic : 192.168.10.100~150(0.0.0.0~0.0.0.0)WAN1
I need some help !
I'm little lost with load balancing.
What should I do to make it works ?
Thx to help
Hi Gael, please be a bit more clear. You are using dual WAN and you have a VPN tunnel up. Which WAN interface is holding the tunnel up?
If you bind traffic to a specific interface and it is not the same interface that using the tunnel, any traffic destined for the tunnel can't as it is forced out a different WAN.
Please rate helpful posts
Thank you for the response.
And sorry. That's not really clear, that sure !
Gateway to Gateway VPN is using WAN1
My protocol binding parameters are :
WAN2 is Cable Internet
WAN1 is SDSL
A traceroute from a 192.168.10.x computer to
another device through VPN (192.168.5.x) makes the route
to the good ip adress, but it seems blocked.
It seems I have DNS problems.
Even without VPN I can't reach some adress.
How should I configure DNS ?
Can I use the router as DNS server ?
I have no response !
It seems that binding all protocol to WAN1 block the IPsec through this same WAN.
I should, I think except the ipsec protocol from binding.
I need to bind the others IP through this WAN.
How can I fix this problem ?
Someone could help me ?
A common reason people configuring protocol binding rules is that some secure web sites do not like to see different source IP addresses within a session. So one can bind https to one of the two WAN interfaces.
What makes you want to use protocol binding?
thx to answer.
I need to bind some IP because :
I have 1 NAS Device, I would like it use the WAN2, it is used from outside LAN by peoples and I want it
to have his dedicated Internet connection.
Then I would the rest of the LAN use the WAN1 to distribute the charge.
Also, I let load balance without protocol binding to tried, and had problems with https site, exactly like you said.
Some other protocols should makes me same problems with load balancing without protocol binding.
The NAS is in 192.168.10.200, that's why my binding parameters are.
Also, I need a gateway to gateway IPsec VPN. To connect 2 different location. To reach the MAN of the other
Location. I want to make it using WAN1.
Without protocol binding, It works correctly.
When I set the IPs LAN (without the NAS) :
All traffic, 192.168.10.100~192.168.10.X(0.0.0.0~0.0.0.0)WAN1
I can't reach the other LAN through IPsec VPN with devices with ip inside the "all traffic" rules.
There is a known issue that the current firmware cannot support two protocol binding rules with an overlap. In your config, you have a rule that bound all traffic to WAN1 and another rule, overriding the first rule to bind the traffic from NAS server to a server over an IPsec tunnel.
I am aware of a beta firmware that attemped to fix the issue. If your situation warrants to try the beta firmware, please contact the support center and escalate the issue to Level 2.
More or less ... I'm facing the same problem
Can you please tell me if you managed to find a solution?
Thanks and regards,
I have contacted support center, I waiting for news from them.
@Tekliu : My all traffic to Wan1 rule doesn't override the all traffic to WAN2.
I set the ip for all traffic for WAN2 to the NAS ip ! Or I didn't understand how the protocol binding on theses
router is working.
I used before a netgear product and did like that. I changed to cisco product for eaysier VPN gateway to gateway configuration.
For now, I have no response from support center.
As soon I have a solution, I tell you what I can solve and how, to you.
I resolved the issue with the cisco support with a beta firmware.
If you still have your problem, contact them to see if you can try the firmware.