Might be easier if you post screenshots of each page of the admin panel you see clicking the buttons up top.
Hi @Jason_Se,
You will have to create two outbound policy rules. One for xbox which will be on the top of the list (outbound policy rules are matched from top to bottom) and the second one for the remaining users. You can use priority algorithm to achieve this, here is an example for Xbox rule:
Service Name: Xbox,
Enable: Always On,
Source: IP Address, specify your Xbox IP for example 192.168.50.90,
Destination: Any,
Protocol: Any,
Algorithm: Priority,
Priority Order: Specify in the first place (top of the list) WAN which you want to use. In your case Verizon. Remaining WAN links prioritise to your liking, but I would place the second WAN as T-mobile.
When No Connections are Available: Fall-through to next rule,
Terminate Sessions on Connection Recovery: you can enable or disable this option.
Remaining users rule should have two changes. Source should be set to any and Priority Order should have top WAN set to a different one, in your case T-mobile. I am attaching example to the reply. It was taken from Surf SOHO MK3 running 8.1.3 firmware.
1 Like
Thanks everyone for your replies, I really appreciate it. I’ll attach a screenshot to this post so you can see what I’m talking about. Does anyone know how to get outbound policy to show up so I can do what Rokas_Musteikis said to do? Do I need to change firmware? Is that screenshot from InControl? I don’t have that setup since my unit is out of warranty.
interesting, might be a bug. have you tried a different browser?
Okay, I just tried Chrome. I used Edge on the screenshot. Same result, everything looks the same. I’m wondering if my firmware downloaded correctly.
what firmware do you see exactly? have you saved config and tried a factory reset? i’d file a support ticket.
@Jason_Seib
Please try to install 8.1.3 firmware again, if that would not help, backup your currently used configuration file and try to factory reset this device. If both options would not help, please open up a new ticket so our support team could take a look at your device:
https://ticket.peplink.com/ticket/new/public
1 Like
I got it to work by following the steps provided by Rokas_Musteikis. The rules area is located in the PepVPN of the advanced tab section. Originally, when I clicked on PepVPN it only had a local ID box with a greyed-out name. If you click save on that box, it opens up the rest of the page which contains the rules area. It doesn’t say “outbound policy” anywhere but that is the correct outbound rules area. Thanks again for all of your help.
Does the Surf SOHO now support “2 active WAN’s”? The reason I moved away from the Surf SOHO to a Balance was that the Surf SOHO only supported failover, at least a couple of years ago. At the time, I even tried bringing up the configuration page for outbound policy by manually specifying the URL. It came up, but it didn’t cause the Surf SOHO to activate both WAN’s.
FYI, I was using Apple USB Ethernet Adapter Model A1277 for my second WAN which worked fine for failover.
@Mark9, Surf SOHO MK3 support these WAN connections:
1x 100/1000M Ethernet Port,
1x USB 2.0 Interface,
Wi-Fi as WAN.
All of these WAN links can be placed to priority 1 at the same time.
Here you can find more information about Surf SOHO MK3:
1 Like
@TK_Liew posted “SOHO MK3 is designed for WAN failover. Your requirement can be achieved by using Balance router. You did the alternative way to test the standby WAN” on 21 May 2018 in response to my attempting to make both the Ethernet port and the USB interface Active simultaneously on the Surf Soho.
https://forum.peplink.com/t/need-one-pc-permanently-connected-to-the-usb-failover-wan-on-a-surf-soho-mk3
Hence my question yesterday about whether or not the Surf Soho can now do two Active WAN connections at the same time since TK_Liew seemed to close the door on that in the Surf Soho. So either something has changed in the Surf Soho, or it was always possible, but perhaps I wasn’t going about it correctly in 2018.
@Jason_Seib: In my 2018 posting, I stated “Another possibility is that the Surf Soho doesn’t support custom Outbound Policies. I had to use the following URL to add a custom policy: 192.168.50.1/cgi-bin/MANGA/index.cgi?mode=config&option=outboundpolicy as you can’t navigate to the Outbound Policy web page using the Surf Soho web interface.”
@Mark9, SOHO MK3 is designed for WAN failover purposes by default. This means only 1 WAN is allowed for the same WAN priority. Since we upgraded our care plan with SpeedFusion Cloud - https://forum.peplink.com/t/care-plans-upgraded-with-speedfusion-cloud!/31595/1, you are allowed to bond multiple WAN links from your Peplink device to SpeedFusion Cloud automatically as long as the care plan is still active.
I grabbed a surf soho mk3. Concerns:
- I can confirm Outbound Policy is missing from the menu but I can access it at https://192.168.50.1/cgi-bin/MANGA/index.cgi?mode=config&option=outboundpolicy Can it be added to the menu so it can be accessed via normal navigation?
- I can confirm only 1 WAN can be in priority 1. I am pretty sure I did see Peplink employees showing multiple WANs i priority 1 in past screenshots but I could be wrong. Some definitely have said it should support multiple WANs in priority 1. Either way, is this a hardware limitation, or something that can be overcome with special firmware?
- There was a comment that multiple WANs can be done in priority 1 via speedfusion? Is this enabled both for a solo hub or only Speedfusion cloud?
Thank you.
Can you get both the WAN port and the USB to work at the same time? I set up two separate VLAN’s in 2018 on the Surf Soho MK3 with an Enforced outbound policy, one to the WAN port and one to the USB port. However, the VLAN to the USB port did not work when the WAN port was successfully connected. It only worked when failover occurred, i.e., the WAN port was disconnected.
This is fairly similar to the XBOX on Verizon and everything else on T-Mobile configuration which is attempting to be set up.
I don’t have a Surf Soho MK3 anymore, just several Balances.
SOHO MK3 is designed for Home office. It supports WAN failover only by default. So, Outbound Policy is not supported.
SOHO MK3 support WAN failover only by default. So, only 1 WAN is allowed in a WAN priority. I believe you saw a SOHO MK3 with SpeedFusion Cloud enabled.
I replied you at SpeedFusion Cloud and soho MK3 - #8 by mystery.
It was stated that the SOHO MK3 has a restriction that only one WAN can be priority 1 in PepVPN outbound policy configuration. Does that mean that when the first outbound policy of Priority is created, that any further outbound policies of Priority must be in exactly the same priority order?
And is USB in the Priority Order list for the SOHO MK3 PepVPN outbound policy configuration, or just WAN and Wi-Fi as WAN? Also, what outbound policies can be created? Just Priority, or others too like Enforced?
I no longer have a SOHO MK3, so can’t test it myself. The posts from @Jason_Seib say ‘I got it to work by following the steps provided by @Rokas_Musteikis. The rules area is located in the PepVPN of the advanced tab section. Originally, when I clicked on PepVPN it only had a local ID box with a greyed-out name. If you click save on that box, it opens up the rest of the page which contains the rules area. It doesn’t say “outbound policy” anywhere but that is the correct outbound rules area’. So does this mean Jason_Seib got the XBOX set to WAN priority 1 in one outbound rule and the rest of his devices on Verizon set to Wi-Fi as WAN priority 1 in a second outbound rule?
If Jason_Seib was successful in doing this, then the PepVPN outbound policy configuration means that the Surf SOHO is working as a dual WAN router with WAN and Wi-Fi as WAN active at the same time. Or possibly even more if the USB is part of the Priority Order and can be set above WAN or above Wi-Fi as WAN (granted, if you can configure USB this way it doesn’t mean that it actually works on the SOHO MK3, just that Peplink either needs to ban configuring USB above anything, or make USB work for more than failover to honor what can be configured).
I finally had some time to look at my setup and found that it’s not working as I would like. I decided to test it by setting up two new rules, the same as before, but using IPs of computers, so I can speed test and see where they are getting their signal. I have T-Mobile in WAN ethernet and Verizon in WAN USB. I tried testing both computers with T-mobile on top and Verizon below on the priority list of the outbound rule. With this arrangement, they both used the Verizon signal. I reversed the options, moving Verizon on top with T-mobile below. Once again, both used the Verizon signal. Then I navigated over to the dashboard and changed Verizon(USB) from priority 1 to priority 2, and T-Mobile from 2 to 1 and repeated the tests. This caused both computers to use T-mobile instead of Verizon. It appears that the priority levels of your WANs on the dashboard supersede any outbound rule priorities. It just throws it at whichever WAN is priority 1 on your dashboard.
Next, I tested the same rules as before, set to “enforced” instead of “priority”. This worked for controlling which signal the individual computers received. I was able to run simultaneous speed tests for both Verizon and T-Mobile with this layout. The one problem I ran into with “enforced” rules was with the YouTube app on my Apple TV. If I enforce it to T-Mobile with Verizon active in the USB, the app wouldn’t load. Although, it works fine if I shut off my Verizon hotspot. All the other apps worked in this configuration, I would use this setup if not for the YouTube app.
My solution, for now, is to put Verizon(USB) as priority 1 and T-Mobile(WAN ethernet) as priority 2 on the dashboard page. Then keep the Verizon hotspot off unless I want to game on the Xbox or download a large file. In that case, I’ll turn on the Verizon hotspot so it can take over as priority 1. Does anyone know why the SOHO doesn’t use the priority 1 WAN that it should in an outbound rule?
Here are some configuration guidelines from the Peplink Surf Soho manual:
-
Outbound Policies are applied only when more than one WAN connection is Active. Hopefully the Dashboard shows both as WAN (T-Mobile) and WAN USB (Verizon) as WAN Connected and active for you.
-
The Soho supports Enforced and Priority outbound policies. You should probably enable “Terminate Sessions on link recovery”. Otherwise, a session can remain connected on the wrong WAN. See: https://forum.peplink.com/t/one-way-audio-on-soho-surf/23073/9.
-
I don’t know if “Independent from Backup WAN’s” needs to be enabled, but probably. Same thing with Standby State. It may need to be configured so that the connection remains connected, not disconnected when the WAN connection is no longer in the highest priority and has entered the standby state.
I don’t know how re-arranging Priority on the Dashboard affects the priority you select in the Priority Outbound Policy (I no longer have a Surf Soho, but have ordered one to arrive in a week or two). I am assuming that the priority order you set in the Priority Outbound Policy is unaffected. And does that mean that anything in the Outbound Policy list is executed before the Priority settings in Outbound Policy or the reverse, with the Dashboard settings superseding the Outbound Policy which seemed to be your experience (but were the two WAN connections active as required to execute Outbound Policies…)? Hopefully someone can clarify this.
The Enforced Outbound Policy seemed to behave much more as I expected with the exception that the YouTube app on your Apple TV misbehaved. I wonder if this could have something to do with the configurations which I mention above, particularly “Terminate Sessions on link recovery”. Another thought which occurred to me is whether Apple or YouTube tries to connect back via an Inbound connection. It seems like a remote possibility unless there was Port Forwarding going on. But then again, FTP transfers can do this. Again, maybe someone can lend assistance on this.
Finally I will comment that you got further than I did on Enforced connections in 2018 using WAN USB. I wonder if that is because you had WAN USB at Priority 1 or Priority 2, not Priority 3 on the Dashboard (I can’t remember anymore what I did). Perhaps Priority 3 is always reserved for Cold Standby so that you can only have two Active connections. Another difference is that I was using WAN USB with a USB to Ethernet adapter. Probably Peplink (@TK_Liew?) would be best to comment.
Testing on 8.1.3 reveals the secret, rather bizarre behavior of Outbound Policy Rules for Surf Soho under PepVPN. I set up WAN as Priority 1 (Connected) and USB to a second Ethernet line as Priority 2 (Standby).
-
Enforced rules works as expected. You can enforce traffic to either WAN (Connected) or USB (Standby).
-
Priority rules for some reason will not honor USB in Standby mode even though USB in Standby mode is honored for Enforced rules. As a result, when you use Priority rules with Drop the Traffic for USB (Standby) in the interface list by itself, no traffic goes out on USB or WAN. If you expand the interface list to USB (Standby) followed by WAN (Connected), traffic goes out on WAN.
This look like a bug in the Priority outbound policy rule handing of Standby, which is Priority 2 on the Dashboard. @TK_Liew, do you agree that Priority rules should be honoring USB (Standby), similar to Enforced rules honoring USB (Standby)?
@Rokas_Musteikis, your 7 Oct 2021 directions were to use a Priority rule. It turns out that your advice (thank you) didn’t work because of this bug.
@Jason_Seib, I don’t know why your YouTube app on your Apple TV doesn’t follow your Enforced rules and I don’t have a setup to test this. I do wonder if you did not have “Terminate Sessions on Connection Recovery” enabled, which would allow existing connections to continue when you dynamically changed configurations. You may need to get Peplink to look into this.
Testing notes: WAN was to Comcast. USB was to Centurylink using a TP-Link TL-UE300 USB 3.0 to RJ45 Gigabit Ethernet Network Adapter.
@Paul_Mossip has provided the key to making the Output Priority rule work on the Surf Soho. On WAN configuration, enable “Independent from Backup WANs” which puts multiple WANs in priority 1.
I did this for WAN and USB, and voila, the Outbound Priority rules worked as desired and expected. For the record, the order of interfaces within Priority 1 define the order of failover.
CC: @Rokas_Musteikis and @TK_Liew