Are you stating that you have configured the device to accept Web Admin Access via WAN port and it is not accepting traffic incoming on the WAN-side? Are you able to work around this by utilizing inControl Remote Web Admin feature? That could negate the requirement for accepting incoming traffic on a wan interface…
Or are you talking about clients of the device not being able to access some sort of “Captive Portal GUI screen” which is part of the upstream connection, thereby preventing traffic through said connection because no one is “accepting/logging-in” the captive portal GUI page… there are solutions to this as well, like disabling health checks.
I believe the “web admin access port” settings are at default = “Lan only”. I’ve been installing peplink routers for 10 years and haven’t paid attention to this setting.
Correct, the clients on the network are not able to access the “GUI screen” for WAN1 an upstream connection (it is not a captive portal page).
For example;
If you had a BR1 (192.168.100.1) handling the cellular connection, that is connected to a WAN1 on a Balance 305 (192.168.50.1), a client on the 305 network (192.168.50.x) can ping 192.168.100.1 but can not reach it.
What if you configure the Outbound Policy with a rule for each of the particular upstream device GUI IP destination and enforce those use the specific WAN interface?
The outbound policy on 2/4 are default. The other 2 have a policy to link voip traffic to WAN 2.
I’ll try your recommendation the next time we encounter the issue.
I haven’t set up the test bench yet - but I have tested two client networks (via teamiewer to service laptops at client sites) yesterday and today = no issues.