Balance One - Problems Accessing Secure Sites (HTTPS)


#1

I can’t access almost all HTTPS sites (even these forums) and this issue is interfering with a secure application that I use for my business with my Balance One (running on 6.2.2 firmware) but Skype, Google Hangouts, etc. and all non-secure sites seem to work fine. I have tested it many times by switching between the Balance One and connecting directly to my 100% weighted WAN 1 (cable modem/router combo) and when I am directly connected to the cable modem/router combo, I never have any problems. I have been going through the settings and changing things (on both routers), too, but nothing, including a factory reset on the Balance One, seems to get it to work right.

I shut off the firewall on the cable modem/router and also, I have another router plugged into it and have had others plugged into it in the past and have never had any issues with any of them. Further, I even tried disabling SSL Persistence to no avail. I have to say I have never had a problem like this with any other router and that I am rather perplexed. Thanks.


#2

I just downgraded my firmware to 6.2.0 (and it looks like it did a factory reset on the settings, too) and only using my backup hotspot connection (and not the cable modem/router at all) and I am still having the exact same issue-secure sites are not loading and others are fine. It also doesn’t matter if it is a WiFi or Ethernet connection either. Finally, I have a PepwaveMAX OTG connected to the Balance One (which provides all of my hotspot/backup connections) and if I connect directly to the OTG, I don’t have this issue either. Hopefully, someone can help me out. Thanks again.


#3

All of a sudden, it started working fine with SSL but then stopped again for awhile and now started working again. This has happened before but 95%+ of the time it doesn’t work at all. This is so strange. Could this be faulty hardware?


#4

The default HTTPS Persistence rule must be in place or you will always have trouble with secure sites. Can you post a screenshot of your outbound policy rules?


#5

Thanks, yep I only had it disabled for like 30 minutes one time to see if it might be causing the issue and obviously, it wasn’t. Also, I have had the default rule set to auto and tried weighted balance 10:0:0 and had issues with those, too. Here’s the screenshot…

Thanks again.


#6

Your HTTPS Persistence rule is correct and if you leave it in place you should not have any issues. You modified the default rule and 2/3rds of your traffic will go out WAN1 and the other 1/3rd out WAN2.

The factory “Default” rule of Auto uses the lowest latency algorithm and will always try to route traffic out the connection with the lowest latency in real time.

Do you have any outbound firewall rules in place?


#7

That’s the thing though I have had these problems for weeks and weeks with the HTTPS Persistence in place (and actually stopped using the router for awhile b/o it) but somehow today things have been working. I guess it might have been going back to 6.2.0 firmware because I did a factory settings reset when running 6.2.2 and didn’t change any settings and still had the issue. Yep, I have had the issue with auto, 10:0:0, 10:5:0, 10:1:0, or whatever I put there. I was just trying this out to speed up the connection at times until I get a 100mbps connection installed but obviously that weighted balance could cause some issues, too, so I will switch it back to auto. Anyways, it seems to be working still. I will post again if I notice anymore issues. Thanks for your help!


#8

Thanks for the update, glad it’s working now :up:


#9

No problem. Yep, me too! Thanks again!


#10

OK, so I think the HTTPS issue has finally been eliminated by TK Liew. Thanks, TK. However, I started having lots of DNS errors after the last settings adjustment he made (it was fine after he did it but it kept getting worse and worse). I was able to eliminate those by doing a factory reset and everything seems to be fine again (and I really hope it continues).

However, I came across another issue and one that might have been causing some of these issues before. It has to do with my PepwaveMAX OTG (which is WAN2 on my Balance One) so maybe I should post this elsewhere. Anyways here is the issue with the MOTG…

I am using Wifi as WAN with a hotspot device that doesn’t allow for tethering. It works fine most of the time but I live in a mediocre signal area so the signal is not always consistent (especially with bad weather that we are currently experiencing). Anyways, after I did the factory reset on the Balance One, I ran the “Setup Wizard” and connected to the MOTG and with the factory settings still intact, the WAN connection of the Balance One vanished (i.e., total loss of Internet connectivity).

I investigated and found that the Wifi as WAN on the MOTG caused it. The Wifi as WAN device clearly was not connected to the 3G or 2G or any network (and obviously connecting other devices directly to it, resulted in no Internet). It not only had no bars of signal strength, it also was showing an error that no network was available. However, the MOTG was showing that it was passing its health checks even though it clearly shouldn’t.

As soon as I disabled the Wifi as WAN as an active WAN on the MOTG, the WAN connectivity to the Balance One was instantly restored. Below are the settings that I am using for it on the MOTG but I don’t know how they could result in a passing health check when there was absolutely no connectivity on the device but I am pretty burnt out now after dealing this and some other stuff today so I am not thinking too clearly at the moment (long day haha)…

Therefore, I am not sure if the Health Check is working on my MOTG or if I need to change the Health Check settings or what but any help with this would be greatly appreciated. Thanks.


#11

The hotspot is performing a NAT and it issues an IP address and DNS servers to the Balance One. The Balance One is doing its healthcheck to the DNS server of the MOTG and in turn the MOTG is using the hotspot for healthchecks, so it will always pass the healthcheck regardless if the hotspot has any cellular connection.

To fix this you should change the healthcheck DNS servers on the MOTG to something else like 8.8.8.8 and 8.8.4.4


#12

Thanks, as a side note, I was just talking about the health checks for the Wifi as WAN connection on the MOTG and wasn’t even considering the Balance One and its health checks before with my previous settings. Anyways, I switched them to Google’s DNS servers and it was failing its health checks on the MOTG even though the Internet on it is working just fine on that device (tested before and after with other devices connected to it and had no issues)…

However, I just tried the ping test and it worked. Thanks again.


#13

Hi,

Certain ISP doesn’t allow DNS query directly to 3rd party DNS server. So DNS health check is not suitable in this environment. Your WAN5 of MOTG is a good example on this based on my checking.

Since you mentioned ping test is worked for Wifi WAN health check, please use it as your health check method.

Thank you.


#14

Yep, I already did and everything is working better than ever. Thanks again!


#15

Hi,

Glad to hear that and thanks for your effort! :up:


#16

Thanks and thank you for your effort and all of your help!