Ok ! another treasure chest hidden behind a big “?” 
I’ll play with it a bit and give feedback. Balance L2 had some limitations in multi customers deployments. Let’s hope this will help.
3 Likes
Beta firmware upgrade went very smooth but I am unable to find the page with the PepVPN settings.
I am running Solo_VPN so not sure if that is the issue or not?
1 Like
Note that the new local service firewall rules solve the problems with failing PCI compliance scans, as well as actually improving security/eliminate DOS attacks on those ports.
1 Like
Loaded new firmware and have a bug. I clicked the “details” button for my WiFi as WAN 2.4 GHz connection and its stuck trying to load the page (see attached screenshot).
1 Like
Does this beta support remote SIMs?
Love the features been added!
Thanks
2 Likes
Can we combine L2 and VRF? To have on the same hub multiple l2 customers fully isolated.
1 Like
another bug that i have discovered… i turned remote assistance off earlier… and now its back on by itself…
1 Like
Additional information about Layer 2 SpeedFusion on FusionHub:
2 Likes
Hello and Good Day to All.
Update to firmware on Surf soho MK3 is a go.
So far so good.
But what’s the deal with the firmware will expire message at the bottom of the dashboard page?
1 Like
This is a beta and not intended for long-term “production” use. A GA release will be out long before then. FW that expires is generally intended to save people from themselves.
2 Likes
Upgrade to 70+ devices went well. Ran a Trustwave PCI compliance scan and passed.
6 Likes
[Updated diagnostic - Tunnelblick works on MacOS. Consolidated the failure case to one]
Possible OpenVPN server bug.
This is not based on a thorough and systematic empirical regime - consider it somewhat anecdotal.
Configuration:
FusionHub Solo deployed on upCloud instances.
Remote access turned on.
iOS and MacOS client devices:
MacOS Mojave 10.14.5 (18F132)
iOS 12.4
MacOS client/OpenVPN Connect v. 2.1.3.110
MacOS client/Tunnelblick v. 3.8.0 (build 5370)
iOS OpenVPN Connect client v. 3.0.2 (894)
Baseline:
Remote access using L2TP with IPsec.
Two are leaves in a hub, one with “send all traffic to the hub” on, the other being off. The third is a stand-alone (no SpeedFusion connections)
They function just fine (mostly - see below).
The connections used to be somewhat unstable, but with 8.0.1b2 the L2TP connection stability has improved significantly.
OpenVPN Connect client fails:
Change the remote access server from L2TP to OpenVPN.
Download the “route_all_traffic” profile
MacOS client/Tunnelblick:
The connection is established and works well
MacOS client/OpenVPN Connect v 2.1.3.110:
The connection does not get established. Times out and dies.
iOS OpenVPN Connect client: The connection does not get established.
Sanity check:
Enabled OpenVPN on a Balance One FW 8.0.0 with a SpeedFusion connection.
MacOS client/Tunnelblick:
The connection is established and works well
OpenVPN clients (iOS and MacOS):
The connection does not get established.
OpenVPN Connect clients on iOS and MacOS do connect to other OpenVPN servers.
1 Like
@zegor_mjol, we tested OpenVPN is working fine with FusionHub 8.0.1b02. Do you mind to open ticket for us to investigate? Please attention the ticket to me.
Thanks.
Done. Ticket # 9080579
[With a slightly modified diagnostic - I was able to get Tunnelblick to work on iOS after a bit of tidying up on the Mac side. The OpenVPN Connect client still refuses to work, on both MacOS and iOS]
1 Like
Just a suggestion… Are you using a dhcp server?
The FusionHubs are deployed on stock UpCloud platforms. WAN IP addresses are provided by DHCP, and the FusionHub itself has not been configured beyond the default setup.
More generally: Since the L2TP/IPsec configuration works well it seems likely that the issue is specific to OpenVPN. In the conversation following up on the ticket with @TK_Liew my conjecture now is that the issue is specifically with the OpenVPN Connect MacOS/iOS clients and the FusionHub profile. Other MacOS OpenVPN clients (Tunnelblick and Shimo) function well.
1 Like
Re. Possible OpenVPN server bug.
@TK_Liew has identified the problem. The issue is that the Peplink OpenVPN server has a compression setting that is incompatible with the iOS and MacOS versions of OpenVPN Connect.
He says that “We will turn off the compresson in the future firmware release. We target to do this in 8.0.1 which is running beta firmware now.”
The workaround on iOS devices is to enable the “Allow Compression” feature for the interim:
The workaround on MacOS devices is to employ an OpenVPN client which handles the compression settings (OpenVPN Connect on MacOS does not provide a compression setting). We have found Shimo to function, but we have not reviewed its overall suitability as an OpenVPN client.
Thanks to @TK_Liew and his colleagues for the swift diagnostic process.
3 Likes