I've got a client set up with dual-WAN load balancing over two PPPoE DSL connections and everything is working great, except on a particular secure website they use for some financial services. Through trial and error we've determined the issue is apparently related to the load balancing and the site not liking the fact that requests are sometimes being made from a different IP than previously. If I kill one of the DSL connections so the load balancing has to fail over to only the active connection, the site behaves normally, but this is obviously not a practical solution.
Detailed explanation of behavior:
- Open site - no problem
- Sign in - no problem
- Attempt to enter a section of the site for financial transaction
  - sometimes errors out to an "Internal Server Error" with the website's error message and e-mail contact to their tech support (we've already reached out to them and they're not very responsive or helpful)
  - sometimes loads properly
- If it loads properly to this point, attempt a customer lookup
  - sometimes finds customer
  - sometimes can't find customer number and shows an internal error, please try again
- If it loads the customer properly, it will inevitably fail on the next step, submission of data
Again, if we access this with only one active DSL connection it's fine, but, of course, the rest of the building's internet connections suffer without the second line and load balancing. This is the only website with which we've had this issue and we've been in contact with their tech support without much help aside from narrowing it down to the assumption that the WAN load balancing is probably the issue.
I'm not sure what to do at this point aside from maybe setting up a separate wireless network tagged with a VLAN, setting up another subnet on the router to attach the wireless VLAN-tagged traffic, and setting up policy-based routing to force all traffic from that VLAN to a specific WAN connection, avoiding the load balancing for that VLAN only. I'm not even sure if that's within the realm of possibility. Any suggestions? At this point they have no alternative WAN services available at their location.
Thanks.
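The failure pattern described in the post can be reproduced in a small simulation, added here as an illustration and not part of the original post or any router's configuration. It assumes the site ties a session to the source IP seen at sign-in and that the balancer alternates WANs per connection; the WAN addresses, hostname, and all function names are constructed for the example.

```python
import hashlib
import itertools

# Constructed WAN addresses (documentation ranges), not taken from the post.
WAN_IPS = ["198.51.100.10", "203.0.113.20"]

class IpBoundSite:
    """Hypothetical server that binds a session to the IP seen at sign-in."""
    def __init__(self):
        self.sessions = {}

    def sign_in(self, session_id, src_ip):
        self.sessions[session_id] = src_ip

    def request(self, session_id, src_ip):
        # A request from any other source IP is rejected, like the internal errors reported.
        return 200 if self.sessions.get(session_id) == src_ip else 500

def round_robin_picker():
    """Per-connection load balancing: each new connection takes the next WAN."""
    cycle = itertools.cycle(WAN_IPS)
    return lambda lan_ip, dst: next(cycle)

def sticky_picker():
    """Sticky balancing: the same LAN host and destination always map to one WAN."""
    def pick(lan_ip, dst):
        digest = hashlib.sha256(f"{lan_ip}|{dst}".encode()).digest()
        return WAN_IPS[digest[0] % len(WAN_IPS)]
    return pick

def policy_picker(pinned_sources, pinned_wan, fallback):
    """Policy-based routing: listed LAN sources always leave via one WAN."""
    def pick(lan_ip, dst):
        return pinned_wan if lan_ip in pinned_sources else fallback(lan_ip, dst)
    return pick

def run_workflow(pick_wan, lan_ip="192.168.1.50", dst="bank.example", steps=4):
    """Sign in, then make `steps` further requests; return the status codes."""
    site = IpBoundSite()
    site.sign_in("s1", pick_wan(lan_ip, dst))
    return [site.request("s1", pick_wan(lan_ip, dst)) for _ in range(steps)]

if __name__ == "__main__":
    print("round robin:", run_workflow(round_robin_picker()))
    print("sticky     :", run_workflow(sticky_picker()))
    pinned = policy_picker({"192.168.1.50"}, WAN_IPS[0], round_robin_picker())
    print("policy pin :", run_workflow(pinned))
```

Both the sticky and the pinned variants keep the session on one public IP while other hosts continue to be balanced across both lines.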