I have a Pepwave Surf SOHO with 2 active WAN’s and I’m trying to figure out how to send certain devices to certain WAN’s. I’m wanting to run my xbox’s on Verizon and everything else on T-mobile. I’ve been reading though the forums and found an outbound policy guide down below on this page, but I don’t have an outbound tab to click on. Do you have to have InControl to be able to access the outbound policy tab on a Surf SOHO? If I had access to that tab I think I could just add the IP’s of the individual devices and then tell it which WAN to use for that device, correct? I have the latest firmware as well, how do I get outbound policy to show up on my screen?
1 Like
are you on firmware 8.1.3? surf soho mk3?
Yes, it’s a pepwave surf soho mk3, on 8.1.3 build 5030. The guide shows you going to “Network” on the top of the page and then clicking on “outbound policy” over on the left side. This is located between “IPsec VPN” and “Inbound Access” on their screenshot. Their peplink page, starting from the top, starts with WAN, then LAN(with Network Settings and Port Settings below it), then VPN(with SpeedFusion and IPsec VPN below it, next is outbound policy.
My network page begins with LAN(with Network Settings and Port Settings below it), then below that is WAN, and below that is a logout button. That’s all I have. The guide was written a few years ago so maybe they changed up the menu since then. I still can find an outbound policy tab.
To the right of “network” on the top of the page, is there an “Advanced” tab? That’s where the rules are located on the max line of devices. (This is speculation since I do not have a SOHO mk3 To confirm.)
Yes, there is an advanced tab to the right of network. Do you know which tab I should use? The tabs on the left are Advanced(PepVPN, GRE Tunnel, Port Forwarding), followed by Nat Mappings. Next is QoS(Bandwidth Control, Application), After that it’s Firewall(Access Rules, Content Blocking). Under that it’s Routing Protocols(OSPF & RIPv2, BGP). Then below that is Remote User Access and finally Misc. Settings(Radius Server, Certificate manager, Service forwarding, Service passthrough, Group networks, and SIM toolkit). Any of those look like what I’m needing?
Might be easier if you post screenshots of each page of the admin panel you see clicking the buttons up top.
Hi @Jason_Se,
You will have to create two outbound policy rules. One for xbox which will be on the top of the list (outbound policy rules are matched from top to bottom) and the second one for the remaining users. You can use priority algorithm to achieve this, here is an example for Xbox rule:
Service Name: Xbox,
Enable: Always On,
Source: IP Address, specify your Xbox IP for example 192.168.50.90,
Destination: Any,
Protocol: Any,
Algorithm: Priority,
Priority Order: Specify in the first place (top of the list) WAN which you want to use. In your case Verizon. Remaining WAN links prioritise to your liking, but I would place the second WAN as T-mobile.
When No Connections are Available: Fall-through to next rule,
Terminate Sessions on Connection Recovery: you can enable or disable this option.
Remaining users rule should have two changes. Source should be set to any and Priority Order should have top WAN set to a different one, in your case T-mobile. I am attaching example to the reply. It was taken from Surf SOHO MK3 running 8.1.3 firmware.
1 Like
Thanks everyone for your replies, I really appreciate it. I’ll attach a screenshot to this post so you can see what I’m talking about. Does anyone know how to get outbound policy to show up so I can do what Rokas_Musteikis said to do? Do I need to change firmware? Is that screenshot from InControl? I don’t have that setup since my unit is out of warranty.
interesting, might be a bug. have you tried a different browser?
Okay, I just tried Chrome. I used Edge on the screenshot. Same result, everything looks the same. I’m wondering if my firmware downloaded correctly.
what firmware do you see exactly? have you saved config and tried a factory reset? i’d file a support ticket.
@Jason_Seib
Please try to install 8.1.3 firmware again, if that would not help, backup your currently used configuration file and try to factory reset this device. If both options would not help, please open up a new ticket so our support team could take a look at your device:
https://ticket.peplink.com/ticket/new/public
1 Like
I got it to work by following the steps provided by Rokas_Musteikis. The rules area is located in the PepVPN of the advanced tab section. Originally, when I clicked on PepVPN it only had a local ID box with a greyed-out name. If you click save on that box, it opens up the rest of the page which contains the rules area. It doesn’t say “outbound policy” anywhere but that is the correct outbound rules area. Thanks again for all of your help.
Does the Surf SOHO now support “2 active WAN’s”? The reason I moved away from the Surf SOHO to a Balance was that the Surf SOHO only supported failover, at least a couple of years ago. At the time, I even tried bringing up the configuration page for outbound policy by manually specifying the URL. It came up, but it didn’t cause the Surf SOHO to activate both WAN’s.
FYI, I was using Apple USB Ethernet Adapter Model A1277 for my second WAN which worked fine for failover.
@Mark9, Surf SOHO MK3 support these WAN connections:
1x 100/1000M Ethernet Port,
1x USB 2.0 Interface,
Wi-Fi as WAN.
All of these WAN links can be placed to priority 1 at the same time.
Here you can find more information about Surf SOHO MK3:
1 Like
@TK_Liew posted “SOHO MK3 is designed for WAN failover. Your requirement can be achieved by using Balance router. You did the alternative way to test the standby WAN” on 21 May 2018 in response to my attempting to make both the Ethernet port and the USB interface Active simultaneously on the Surf Soho.
https://forum.peplink.com/t/need-one-pc-permanently-connected-to-the-usb-failover-wan-on-a-surf-soho-mk3
Hence my question yesterday about whether or not the Surf Soho can now do two Active WAN connections at the same time since TK_Liew seemed to close the door on that in the Surf Soho. So either something has changed in the Surf Soho, or it was always possible, but perhaps I wasn’t going about it correctly in 2018.
@Jason_Seib: In my 2018 posting, I stated “Another possibility is that the Surf Soho doesn’t support custom Outbound Policies. I had to use the following URL to add a custom policy: 192.168.50.1/cgi-bin/MANGA/index.cgi?mode=config&option=outboundpolicy as you can’t navigate to the Outbound Policy web page using the Surf Soho web interface.”
@Mark9, SOHO MK3 is designed for WAN failover purposes by default. This means only 1 WAN is allowed for the same WAN priority. Since we upgraded our care plan with SpeedFusion Cloud - https://forum.peplink.com/t/care-plans-upgraded-with-speedfusion-cloud!/31595/1, you are allowed to bond multiple WAN links from your Peplink device to SpeedFusion Cloud automatically as long as the care plan is still active.
I grabbed a surf soho mk3. Concerns:
- I can confirm Outbound Policy is missing from the menu but I can access it at https://192.168.50.1/cgi-bin/MANGA/index.cgi?mode=config&option=outboundpolicy Can it be added to the menu so it can be accessed via normal navigation?
- I can confirm only 1 WAN can be in priority 1. I am pretty sure I did see Peplink employees showing multiple WANs i priority 1 in past screenshots but I could be wrong. Some definitely have said it should support multiple WANs in priority 1. Either way, is this a hardware limitation, or something that can be overcome with special firmware?
- There was a comment that multiple WANs can be done in priority 1 via speedfusion? Is this enabled both for a solo hub or only Speedfusion cloud?
Thank you.
Can you get both the WAN port and the USB to work at the same time? I set up two separate VLAN’s in 2018 on the Surf Soho MK3 with an Enforced outbound policy, one to the WAN port and one to the USB port. However, the VLAN to the USB port did not work when the WAN port was successfully connected. It only worked when failover occurred, i.e., the WAN port was disconnected.
This is fairly similar to the XBOX on Verizon and everything else on T-Mobile configuration which is attempting to be set up.
I don’t have a Surf Soho MK3 anymore, just several Balances.
SOHO MK3 is designed for Home office. It supports WAN failover only by default. So, Outbound Policy is not supported.
SOHO MK3 support WAN failover only by default. So, only 1 WAN is allowed in a WAN priority. I believe you saw a SOHO MK3 with SpeedFusion Cloud enabled.
I replied you at SpeedFusion Cloud and soho MK3 - #8 by mystery.