NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Retired_Member's avatar
Retired_Member
Jul 21, 2017
Solved

SRX5308 Protocol Binding Services PORT 443 LB

Hi,

with 2 ISP using static IP addresses (Load Balancing) I use use Protocol Binding to always have the same IP address for specific services. It's already working, see overview bellow:

 

Service | Local Gateway | Source Network | Destination Network
Jabber  | WAN1          | Any            | Any
HTTP    | WAN2          | Any            | Any
HTTPS   | WAN2          | Any            | Any

 

Like that, every webpage I visit using https (443) I always have the IP address from WAN2 - everything fine so far.

But now I need to visit a specific webpage - and only this specific webpage - with the IP address from WAN1. I added a custom service, as seen bellow:

 

Security > Services > Add Custom Service:
Name: SPECIAL
Type: TCP
ICMP Type: -
Start Port: 443
Finish Port: 443

 

And I added a new Protocol Binding rule, as seen bellow:

 

Network Configuration > Protocol Binding > Add:
Service: SPECIAL
Local Gateway: WAN1
Source Network: Any
Start IP: -
End IP: -
Destination Network: Single Address
Start IP: 12.34.567.89
Finish: -

 

Protocol Binding's overview looks like that now:

Service | Local Gateway | Source Network | Destination Network
Jabber  | WAN1          | Any            | Any
HTTP    | WAN2          | Any            | Any
HTTPS   | WAN2          | Any            | Any
SPECIAL | WAN1          | Any            | 12.34.567.89

 

The problem here is, when I visit mit specific page (Server IP/A-Record 12.34.567.89) I still going out over WAN2 and not over WAN1 as whished.

 

Any ideas? Thanks in advance.

 

Hardware: NETGEAR ProSafe™ Gigabit Quad WAN SSL VPN Firewall SRX5308

 

  • Hi fnb,

     

    Welcome to the community!

     

    As per checking in here that you do have HTTPS was set to WAN2. The SPECIAL that you created will have a conflict on the HTTPS port which is already set to WAN2. It does not recognizes the port 443 on WAN 1. You may try to use a custom port and translate in order for this to work as you cannot use the port 443 anymore.

     

    Regards,

3 Replies

  • JohnC_V's avatar
    JohnC_V
    NETGEAR Employee Retired

    Hi fnb,

     

    Welcome to the community!

     

    As per checking in here that you do have HTTPS was set to WAN2. The SPECIAL that you created will have a conflict on the HTTPS port which is already set to WAN2. It does not recognizes the port 443 on WAN 1. You may try to use a custom port and translate in order for this to work as you cannot use the port 443 anymore.

     

    Regards,

  • JohnC_V's avatar
    JohnC_V
    NETGEAR Employee Retired

    Retired_Member,

     

    I would like to have a follow up on this thread. Please let us know if you still need further assistance and just in case that the reply is the answer to your issue. I encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution. The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!

     

    Regards,

    • Retired_Member's avatar
      Retired_Member

      Hi JohnCarloV,

       

      I guessed that would the issue (having the port 443 twice).

       

      Thanks for your reply.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More