Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

NETGEAR SRX5308-100AJS ProSafe Quad WAN Gigabit SSL VPN Firewall SRX5308 - Router + 4-port switch

Posted on 2010-11-07
7
1,901 Views
Last Modified: 2012-05-10
I have purchased a  NETGEAR SRX5308-100AJS ProSafe Quad WAN Gigabit SSL VPN Firewall SRX5308 - Router + 4-port switch for a client. This client requires two live WAN ports, one to the internet and a second for a corporate intranet. I spoke to Netgear sales regarding this and they recommended the NETGEAR SRX5308. The requirements of the project are to allow internet traffic through one WAN port (WAN1) and corporate Intranet traffice through the second WAN port (WAN2). I have configued both wan ports with static ip addresses, configured protocol binding for HTTP and HTTPS to both ports and configured default routes for the intranet traffic to go through WAN2. The router has two settings, setting a primary WAN port (One port live, a second port set as a failover port and the other two ports are disabled); or load balanced. The router has been set to load balanced. I have been informed by Netgear second level support that there is no need for a default route as it will work without one. I have found that this is not the case; the router is still load balancing traffic no matter what the target network in a 50/50 pattern. So the first WAN request will go through WAN port 1 and the second request will go through WAN port 2, the third request will go through WAN port 1 and the fourth through WAN port 2. (and the load balancing continues...)

I have the router configured as I requrie it to work, but need to find out if anyone can assist in setting a default route for the traffic to WAN port1 if it is not routed out through to the Intranet port (WAN2). The default routing section of the router allows setting a specific route for an ip address or a range of addresses within a single network range; but it will not allow the range to be set accross all networks. (ie I can set a default route for 64.22.66.444/32; or 64.22.66.0/24; but not for 1.1.1.1 - 224.254.254.254 - all networks that do not meed the above default routes)

PS I am working with Netgear second level support, but want to see if I can get a quicker response and solution to my issue...

Thanks for the help in advance.
0
Comment
Question by:dwknight
  • 4
  • 3
7 Comments
 

Author Comment

by:dwknight
ID: 34083118
(ie I can set a default route for 64.22.66.444/32; or 64.22.66.0/24; but not for 1.1.1.1 - 224.254.254.254 - all networks that do not meed the above default routes)

The above section should read as follows: (no matter how much proof reading is done...)

 (ie I can set a default route for 64.22.66.44/32; or 64.22.66.0/24; but not for 1.1.1.1 - 224.254.254.254 - all networks that do not meet the above default routes)
0
 
LVL 27

Accepted Solution

by:
Steve earned 500 total points
ID: 34131766
generally, you set default routes by subnet mask IE 0.0.0.0 / 0 (or subnet of 0.0.0.0) instead of setting the actual addresses 1.1.1.1-254.254.254.254.
0
 

Author Comment

by:dwknight
ID: 34132711
Thank you for your suggestion, but the static route section of the netgear will not allow 0.0.0.0 - it is detected as a an invalid entry.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 27

Expert Comment

by:Steve
ID: 34135372
The user guide advises that the router should have set up a default route automatically if you have a vpn setup.
ftp://downloads.netgear.com/files/SRX5308_RM_29Apr10.pdf

if not, try 1.1.1.1 with subnet of 0.0.0.0 and see if that works.
0
 

Author Comment

by:dwknight
ID: 34143938
Thanks for the suggestion, but I have no need for a VPN to be set up. I am looking to have a straight router with 2 active WAN ports only.
0
 
LVL 27

Expert Comment

by:Steve
ID: 34158612
I wa just quoting the user guide, not suggesting a vpn.
0
 

Author Closing Comment

by:dwknight
ID: 34280127
I am accepting this answer, even though, eventually Netgear support advised that a default route could not be manually set on this device because it is a true load balancing device. Thank you for your assistance anyway.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question