AWS FusionHub VPN

Hello all,

Good day.

I am currently working on setting up a FusionHub via AWS and Peplink Balance 210 connected through SpeedFusion VPN. Is there a way to configure NAT to route the AWS public IP (203.0.113.42 example) to the web server behind the Peplink Balance 210 via the SpeedFusion VPN?

What I’ve Tried:

With NAT configuration:
Port forward http port from 203.0.113.42 on FusionHub to the WAN IP to 192.168.51.100

On the B210, set up a priority-based outbound policy rule for 192.168.51.100 as the source and set the tunnel to SG as priority1

Questions:

  • Am I missing any configurations on the Peplink or FusionHub?
  • Is it possible to use the AWS public IP to forward traffic to the web server behind the Peplink via SpeedFusion VPN?

Any help or suggestions would be greatly appreciated!

Thank you in advance for your assistance.

Hi…

At 210…
Do an outbound policy… do an “enforced” 192.168.51.100 to SpeedFusion AWS.

At AWS:
do a port forward tcp/8080 and server will be 192.168.51.100
do a firewall rule… allow inbound tcp/8080 to 192.168.51.100

Hope AWS allows you to use port http/8080/tcp.


Hello MarceloBarros,

Can I confirm if the following settings are correct?

At 210:

At AWS:

Okay… they are correct…

And the firewall rule at the AWS SFC side?
Allowing http/8080/tcp from any to 192.168.51.100?


Hi MarceloBarros,

The issue persists, it is still not working.

Inbound rules:

The outbound rules are configured to allow all traffic.

First, I hope that last line is a DENY any/any, not an allow :) Please check that just to be sure, since it’s tagged to another security group.

Second, you need to create a rule permitting tcp/8080 with a source of 0.0.0.0/0 (any). This is why it’s not working: AWS is not permitting tcp/8080 to hit your FusionHub because there is no rule allowing it.

Hello…
Remember… I wrote…
Allowing http/8080/tcp from any to 192.168.51.100

and @ChristopherSpitler wrote the same…
You forgot the rule 8080_tcp from any to the ip address of your server.


Hi @MarceloBarros @ChristopherSpitler,

Are you referring to the rules on AWS or B210?

AWS Outbound rules:

AWS Inbound rules:

I tried to allow all traffic on my FusionHub on AWS but the issue still persists.

Hi…

You need rules at FusionHub, as below:
Allow from any (internet) to the IP address of your server, port 8080, TCP protocol, destination IP (your server behind BPL-210) 192.168.51.100

Also,
at BPL-210:
Outbound rule, forcing 192.168.51.100 traffic (tcp/udp) to the SpeedFusion that you have to AWS (FusionHub).

And…
Sorry… but I cannot provide you instructions about what you need to configure at the AWS firewall.

Okay?
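
An added example, not part of the thread: a small checker for the AWS security-group point raised above, that a rule whose source is another security group does not admit internet traffic, so tcp/8080 needs its own inbound rule. It assumes the JSON shape returned by `aws ec2 describe-security-groups`; the group IDs, addresses and rule set are constructed, since the thread's screenshots are not on the page.

```python
import copy
import ipaddress

# Constructed sample in the shape `aws ec2 describe-security-groups` returns.
# Group IDs are placeholders, not values from the thread.
SAMPLE_GROUPS = [{
    "GroupId": "sg-EXAMPLE-fusionhub",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
        # "All traffic", but only from members of another security group.
        {"IpProtocol": "-1", "IpRanges": [],
         "UserIdGroupPairs": [{"GroupId": "sg-EXAMPLE-other"}]},
    ],
}]

def rule_covers(rule, proto, port):
    """True if the rule's protocol and port range include proto/port."""
    if rule["IpProtocol"] == "-1":  # all protocols, all ports
        return True
    if rule["IpProtocol"] != proto:
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def inbound_verdict(groups, src_ip, proto="tcp", port=8080):
    """Return (allowed, notes) for a packet from src_ip to proto/port."""
    src = ipaddress.ip_address(src_ip)
    notes = []
    for g in groups:  # security groups are allow-only; any match permits
        for rule in g.get("IpPermissions", []):
            if not rule_covers(rule, proto, port):
                continue
            for r in rule.get("IpRanges", []):
                if src in ipaddress.ip_network(r["CidrIp"]):
                    return True, [f"{g['GroupId']}: allowed by {r['CidrIp']}"]
            for pair in rule.get("UserIdGroupPairs", []):
                notes.append(f"{g['GroupId']}: covers {proto}/{port} but only "
                             f"for members of {pair['GroupId']}")
    return False, notes or [f"no rule covers {proto}/{port}"]

def with_ingress(groups, proto, port, cidr):
    """Copy of groups with one extra inbound rule on the first group."""
    out = copy.deepcopy(groups)
    out[0]["IpPermissions"].append(
        {"IpProtocol": proto, "FromPort": port, "ToPort": port,
         "IpRanges": [{"CidrIp": cidr}], "UserIdGroupPairs": []})
    return out

if __name__ == "__main__":
    print(inbound_verdict(SAMPLE_GROUPS, "198.51.100.7"))
    print(inbound_verdict(with_ingress(SAMPLE_GROUPS, "tcp", 8080, "0.0.0.0/0"),
                          "198.51.100.7"))
```

A pass here only covers the AWS layer; the FusionHub port forward and firewall rule and the Balance outbound policy described in the replies still have to be in place.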