Hi @mldowling
Thanks for this, I’ve just checked and all of my settings are already applied as per the guide you sent.
Including port forwarding setup on the Fusionhub for TCP 1701, UDP 500 and UDP 4500
Dan
Martin, I have created this setup thanks to the video you posted on Vimeo. PepVPN is working between my Fusionhub on Vultr and my BR1.
I am trying to take the next step which is to create an OpenVPN connection to the Fusionhub. This is not working. Is there anything unusual about Vultr with respect to firewalling inbound? I have not created any inbound rules on Vultr. It seems to allow all inbound connections.
thanks,
Dave
Hi Dave.
I expect you don’t have a LAN connection on the Fusionhub (you’ll need that so that DHCP can assign your OpenVPN client with an IP)? In Vultr add a private network to the VM and reboot the fusionhub.
If you do have a LAN / or if that doesn’t work let me know what error you’re seeing.
1 Like
Hi Martin,
Thanks for the reply. I do have a LAN setup on the VM, 10.2.96.0/20. I assigned 10.2.96.1 to the LAN interface. I also have the DHCP server enabled (check box) but did not adjust the IP range on that screen.
OpenVPN is just not answering on port 1194. I am looking at the client side logs (Tunnelblick on Macbook) and it just times out.
Why such a massive subnet?
I have openvpn working against a FusionHub on vultr with no additional settings other than LAN setup. This is currently running 8.0.1 build 1644. I’ll upgrade a test against 8.0.2
1 Like
Tested against FH running 8.0.2 build 1656 on vultr again - worked as expected.
You might need to log a ticket.
Assume your DHCP range is the same 10.2.96.0/20 subnet right?
2 Likes
I believe I accepted the default. I removed the private network and started over with a /24.
Does the attached screen look correct? Of course I have not filled in the user information.
I checked with Vultr and they are not blocking the OpenVPN port.
This is really weird. I can ping the server from outside. Vultr confirmed 1194 is not a port they would be blocking.
I must have something setup incorrectly that results in 1194 not answering. The OpenVPN server must not be running.
Not sure you have opened a ticket for this. If you want to verify whether the OpenVPN traffics reaching to the FusionHub, you can actually perform packet capture at the FusionHub Web Admin support.cgi page and open the captured files using WiredShark application to verify any traffics for port 1194 reaching to the Fusionhub WAN. If you did not to see any traffics for the captured logs, that mean the traffics is being blocked at the network level.
1 Like
Hi, thanks for this. I will give this a try.
Is there a way to look at a running process listing? I wanted to see if I could see the OpenVPN process running.
Here are the results. I started a capture on FusionHub and then did a port scan from a public website. I am not confident interpreting these results but it appears that the inbound attempt is visible in these results.
Lacking a way to verify OpenVPN is actually running, I’m not sure what to do next. I’m not supremely confident I have FusionHub setup “perfectly” and I suspect I have something set wrong that prevents OpenVPN from running.
I will repeat this capture test from my Macbook running Tunnelblick.
Do you followup the FusionHub captured results in support ticket ? Please include the packet capture file in the support ticket and support team will sure help you to verify on that.
The scan results screenshot that you share can’t conclude the issue because it’s only showing the packet/traffic received at the client device. There are a lot of router hops for the traffics to passing through when travel to internet so it can’t use to conclude the issue. The best ways is to check the traffics received at the FusionHub end and that will tell all the story.
Default when you enable the feature the service will be running. @MartinLangmaid have help a lot to verify whether this is related to firmware issue but look like not. Please followup using the support ticket.
1 Like
Hi, ok, I have uploaded a couple of files to the ticket.
One pcap file was created while I used a web based port scanner to hit UDP 1194.
The 2nd pcap file was created while I used Tunneblick on my Macbook.
Ticket 20040150
1 Like
A new firmware version has apparently fixed this. I can make OpenVPN connections now so I will now move on to the next step.
1 Like
Hi all,
Ok, I have a question about the OpenVPN setup on FusionHub.
Is there a way to setup OpenVPN on FusionHub to announce the route to the BR1 network which in my case is of course via the peplink VPN?
On my Macbook, I connect to FusionHub via OpenVPN. I can ping the FusionHub LAN IP (192.168.60.3). However, I cannot ping the BR1 IP (192.168.50.1). I’m presuming at this point that my Mac has no route to 192.168.50.0.
I can ping the BR1 interface from FusionHub.
I think I have setup OpenVPN server on other devices to do such a thing but I don’t see how to do it in FusionHub. Doing this would be the cleanest method in my opinion.
I am using the split tunnel configuration of course with Tunnelblick on the Mac.
thanks
Hi,
It appears this is not supported but it may be in a future release.
I did add a static route to the split tunnel .ovpn file provided by FusionHub. This works and is what I should have done in the first place.
1 Like
Can you explain clearly how you have that done ?
Thanks.
I followed your video and the steps above: created a FusionHub instance on a Vultr server then created a PepVPN connection between the BR1 and FusionHub.
From a remote laptop through the L2TP VPN connection I am able to login to the BR1 using its local IP address but I am unable to ping the local laptop connected to the BR1. I have confirmed that the local laptop is listed as a client on the BR1 status page, using the BR1 ping tool I cannot get a response.
I was under the impression that after hopping on the VPN from a remote computer I could ping any device attached locally to the BR1 (or any other device attached to the VPN).
Client list of BR1:
DHCP FusionHub VPN:
Remote Computer IP info:
PPP adapter L2TP VPN:
Connection-specific DNS Suffix . :
IPv4 Address. . . . . . . . . . . : 10.32.0.103
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0