Accesing LAN on pepwave from public internet

Hello,

I have a pepwave connected to VZW cellular network. I have a device that is attached via ethernet to my pepwave, and I’m interested in connecting to that device remotely from the public internet.

My options as I understand them are:

  1. port forwarding + DDNS
  2. VPN

I’ve tried both configuring open VPN and port forwarding to no avail… i just want to make sure that I’m on the right track?

Welcome to the forum!
I suspect that you don’t have an IP address assigned to you by Verizon that allows inbound traffic. So neither port forwarding or accessing the device remotely using OpenVPN would work. I understand that you can pay for a public IP address on Verizon…

Alternatively you could set up a Fusionhub virtual appliance in the cloud (which will have a public IP) and port forward from that over PepVPN to the Pepwave LAN.

3 Likes

Thanks Martin, I’ve read a few of your responses on other posts here, they’ve been very helpful and I appreciate your response here.

I’ll give FusionHub a shot, thanks for the pointer.

1 Like

Is FusionHub Solo an option here?

You bet. Fusionhub Solo (free) on a Vultr server will cost you $5 / month

3 Likes

Ok I’ve run through the Fusionhub tutorial, I have everything working correctly, but I’m still a bit confused.

My goal is to be able to access the LAN of my pepwave BR1 mini from the public internet.

Now that I have a tunnel between my pepwave and the fusionhub, do I now need to create a similar tunnel between my laptop and the fusionhub so I can access LAN resources on my pepwave?

If I navigate to the static IP address on the fusionhub, I get routed to the fusionhub admin page (which I guess is expected). Do I also need to connect my laptop to the VPN?

For more info: I have DHCP reservations for two connected devices. I’d like to be able to access them independently.

There is another option if you have public ip’s on your WAN.

Use the remote user access and you’ll be inside your LAN with full LAN experience.

1 Like

Two ways. The most secure is to set up remote access on the FusionHub and create a user VPN to it using OpenVPN or L2TP/IPSEC VPN. Once your remote lapto is connected you will be able to access any LAN device on the BR1 mini over the tunnel between it and the FusionHub.

Or you can set up port forwarding on the FusionHub ef port 8080 on the Fusionhub WAN IP port forwards to 192.168.50.10 port 80 which might be an IP camera or web server on the LAN of the BR1. Then maybe port 8081 to 192.168.50.11 which might be a printer, or a web interface of a raspberry PI or whatever. In both cases you either want the LAN device to have a static IP or you want t set a DHCP reservation so that their IP addresses don’t change.

If you use Port forwarding - remember you are making LAN devices internet accessible so make sure they use usernames and passwords and are locked down etc.

3 Likes

Unfortunately I do not have a public IP on my pepwave WAN, it is cell connection, hence the need to go the static IP FusionHub / pepVPN route.

I’m trying the openVPN route. I had to upgrade the firmware on the fusionhub from 8.0.0 to 8.1.1 for the VPN connection to work, but I can now establish a VPN connection to my fusionhub from my laptop.

I’m still having trouble connecting to devices on the LAN of my pepwave from my laptop when I’m connected to fusionhub via OpenVPN.

The symptoms I’m experiencing are currently: when I connect to fusionhub via OpenVPN from my laptop (via my non-pepwave home router), my internet stops working… I can access the IP of the fusionhub, but I cannot access any of the LAN devices on the pepwave nor can I access any other web pages. I feel like I have something misconfigured still.

Maybe you can help me set my expectations correctly: When I connect to the Fusionhub via OpenVPN, I should still be able to access normal internet webpages, correct? And additionally, should I be able to navigate to pepwave LAN IP addresses allocated to my devices (like 192.168.50.XX) and access those devices? Or would there be a different way of connecting to LAN devices?

EDIT:
I also tried setting up port forwarding to no avail… I think I Might have something misconfigured on my BR1 now.

Yes, although what you want is called SPlit Tunnelling this is when only traffic for the remote site goes over the OepnVPN connection and the rest goes out direct to the internet. See here:

I can have a look for you. Just seen you dropped me a message on my website. Will follow up with you there.

2 Likes

Martin was a huge help and we got things working.

I needed to enable “private network” in vultr, then we needed to add a special route to my openVPN profile so openVPN knew how to route traffic correctly.

Thanks for everything, Martin!

4 Likes