Orbi WiFi 7 RBE973
Reply

Enabling Weighted Load Balancing Dual WAN, incoming forwarding breaks

rogerp
Aspirant

Enabling Weighted Load Balancing Dual WAN, incoming forwarding breaks

We have a working SRX5308 with a single WAN (WAN1) and incoming port forwarding working for several services (HTTP, SMTP, etc.)

 

When I connect a second WAN (WAN2), and then enable Weighted Load Balancing, incoming port forwarded traffic via WAN1 to the destination servers no longer works.

 

For example. we have port forwarding on WAN1 to a web server.  We enable load balancing including WAN2, we can no longer connect to that server from the outside.

 

Any ideas why enabling load balancing would seem to break incoming port forwarded traffic on WAN1?

Model: SRX5308|PROSAFE Gigabit Quad WAN SSL & IPSEC VPN Firewall
Message 1 of 4
DaneA
NETGEAR Employee Retired

Re: Enabling Weighted Load Balancing Dual WAN, incoming forwarding breaks

Hi @rogerp,

 

Since you have configured Load Balancing, I suggest you to configure Protocol Binding as well.  Kindly read pages 41 - 44 of the SRX5308 reference manual here about Load Balancing Mode and Protocol Binding. 

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 2 of 4
rogerp
Aspirant

Re: Enabling Weighted Load Balancing Dual WAN, incoming forwarding breaks

Protocol Binding is used to bind *outgoing* traffic to a particular WAN interface.  My problem has to do with incoming traffic.

 

Unless what you're suggesting is that (eg. HTTP) traffic coming in on WAN1, is port forwarded to a particular server, and a protocol bind is necessary to guarantee that server's responding outgoing HTTP traffic heads back out through the same WAN.  But shouldn't traffic normally always return on the WAN interface it comes in on?

Message 3 of 4
DaneA
NETGEAR Employee Retired

Re: Enabling Weighted Load Balancing Dual WAN, incoming forwarding breaks

@rogerp,

 

Kindly double check the inbound firewall rule/s configured in order to ensure that the incoming service is still sent to the correct LAN server. If ever the inbound rule/s is still set correctly, then configure protocol binding as a test to see if it works.

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 4 of 4
Top Contributors
Discussion stats
  • 3 replies
  • 2652 views
  • 0 kudos
  • 2 in conversation
Announcements