Yes exactly, I want this function. It is the same situation when I type the public IP address of WAN1 within LAN.

It does not response to ping sometimes also. Which is even more strange. 

To assign IP to certain DNS is pretty simple (at least in my case).

I have a domain (mydomain) and it is registered at domain administrator. The hosting is provided by diferrent company that is pretty cheaper than domain administrator (who offers hosting too) and offers also, in my opinion, simpler settings.

You can also edit domain's DNS, so I added the  prefix "remote" to domain name and defined IP address of WAN1, type A for this record.

That's it.

I have played with DynDNS and other DNS servers and tried to establish the same, but all these services are paid and then the idea with hosting provider crossed my mind.

Okay, so I think I get it.  You've used a subdomain off your main domain to point to WAN1's IP address, correct?

Try this experiment--use the wan IP address from the lan and see if that works.  I just tried it on one of my smb routers (non-cisco) and it did allow me to get into the remote access via the wan IP.  If this works, then it's something with the domain setup.  Otherwise, it may be a limitation on the rv320 to not allow hairpinning (possibly to avoid a network loop).    

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Samir,

it is router's issue. I have tested it with the public IP many times, even before I set the subdomain pointing at my public IP. This is not just the case of RV320, I would guess that all the Cisco routers do not allow hairpinning by default as you can find by googling cisco + hairpinning.

It is possible to enable the feature on Cisco ASA Firewalls, where INTRA-INTERFACE command is available but the firewall in RV320 lacks any advance settings.

I have found this:

https://supportforums.cisco.com/thread/2151099

quite old thread

I have also tried to set the internal DNS, which works fine  for remote.mydomain.xy -> 192.168.1.1, but it does not work for "public IP" to "local IP" of course.

The funny thing is, I have bound all LAN IPs to WAN2 (ISP IP)  and want to get to public IP on WAN1, so it definitely goes out the router over the second cable and should return over the first cable ( or I think this works this way)

And once again. This issue is probably Firewall related, as it works the way I want when Firewall is disabled, which is not desired and I am looking for the way how to go round this obstacle.

Well, I would say, Cisco probably does not allow hairpinning by default in order to block network loops but IMHO they should let their customers choose. 

Ah, I see you've done quite a bit of testing.  The only way I think you could 'force' it would be to use a static route that will designate any lan traffic for the wan IP to go to the default gateway instead.  Or, worse case, you can have two different subdomains--one remote.domain.xy and remote2.domain.xy, one for the WAN IP and one for the LAN IP.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Miroslav,

If the RV320 does not allow hairpinning, then it is the only Small Business router that I know of that does not. I have an RV220W at home and it allows hairpinning. I have also used the RV180W, WRV210, WRV200 and recently ISA550W. All of them allow hairpinning by default except for the ISA550W. In that router an Advanced NAT Rule is required and then it works. From what I've read so far it doesn't sound like what you are doing is actually hairpinning or NAT loopback. Hairpinning would be where the outbound traffic used WAN 1 and was directed back to the LAN server. I am not clear about what is connected to WAN 2.

"This router uses 2 WANs, one with public IP, second with provider's network IP address. All the traffic from LAN to internet goes over non-public (WAN2, provider's IP) and public IP (WAN1) is intended for remote access to local network, several services and VPN."

What do you mean by "provider's network IP address" and "non-public (WAN2, provider's IP)"?

Is that a second ISP or the same?

Is there a router between the RV320 and ISP on WAN 2?

If you unplug WAN 2 from the RV320, all outbound traffic should fail over to WAN 1. Try that and see if hairpinning works, as that would be true hairpinning.

Please also answer my questions so I can better understand your configuration. A simple drawing in Paint is also useful.

- Marty

Hello Marty,

thanks for words of hope.

I have found, you are right about hairpinning in the terms you described.

The problem is probably somewhere else.

I am sorry for any confusion by designating WANs.

I've got one local ISP, which connects our building by fiber optic cable and we are therefore a part of their town network.

They have reliable connection, so I do not need a backup line as I do not run any crucial application where one hour off-line means catastrophy.

That is why, RV320 is in  load balancing mode

.

I wanted 2 WAN connections in order to be visible from internet for certain applications where tight rules are set on the other hand; I do not want to leave too many traces, because not just myself uses our LAN.

Also, I suppose, ISP maintains his network more secure and attacks proof.

router's WANs are configured to load balancing

I have bound:

LAN's IPs range 192.168.1.4 - 254 to WAN2

LAN's IPs range 192.168.1.1-3 to WAN1

where:

WAN1 is configured for public IP - 89.xxx.xxx.15 and GTW is 89.xxx.xxx.14

WAN2 is configured with local ISP's IP - 172.xxx.xxx.15 and GTW is 172.xxx.xxx.1

Both WANs have the same DNS servers, primary: 89.xxx.aaa.2, secondary: 89.xxx.bbb.2, as both are in one provider's network.

I have absolutely no idea, how it is connected within their network, how many routers etc is on the way.

Their town network has around 5000 clients.

When I disconnect WAN1 - all the LAN to WAN traffic is automatically redirected to WAN2, and I see the ISP's IP when trying .

When I disconnect WAN2 - all the LAN to WAN traffic is automatically redirected to WAN1, and I see my public IP ( whatismyip.com).

When both WANs are connected, it follows the rules set in binding table. I see ISP's IP when connecting from device 192.168.1.4 upward and my public IP when connecting from device 192.168.1.2-3

When I ping my public IP while WAN1 is disconnected, I get message from GTW that IP is not reachable.

Doing the same when WAN2 is disconnected, I get 100% return.

The strange thing is, ping does not respond the same all the time

.

I tried it yesterday, one of four packets was lost, another try, 100% successful.

I tried it today and received "time out".

As the router's WEB UI is on port 443, I tried to type https://publicIP and WEB UI page appeared.

Since then, ping works fine <1ms

When I type my publicIP on my mobile, while Wi-Fi is off (connected thru cell network) I get router's WEB UI through https:, when typing publicIP through http: I get NAS'es Web UI. This is done by port forwarding, as you can see on the pictures bellow.

So it works fine outside the network

Partially or not at all from inside the network .

I suspect, port forwarding and firewall's access rules have to be tuned up, but I have no idea how.

I believe that all necessary is opened and forwarded.

Mirek

Marty,

thank you, that is great.

I have normalized the forwarding and access rules according your  suggestion and avoided any forwarding to 192.168.1.1. Therefore *  (asterix - any source interface) has been changed to WAN1 and  destination ANY has been changed to real range starting with 192.168.1.2

Now it works flawlesly, the same way as from internet. I would not find the fault.

Hello Steve,

I would suggest to printscreen actual setting of Firewall's access rules and Port forwardings. We would know more (and see) then. Blur any secret information.

BTW. You are in the support community. It is free of charge and it takes a while prior someone replies. If you need an instant support, you have to buy it which is probably not worth in your situation.