Can't connect two Max HD2 units without SpeedFusion

I can’t connect two Max HD2 units without SpeedFusion.

I’m using another configuration (vs. the configuration I posted in a separate post) where I turn SpeedFusion off and try to connect two networks. I use roughly the same configuration I had when I had SpeedFusion turned on and everything works. See the diagram below. There is a 802.11 radio on the WAN 1 connection and I’m using the cellular connection.

I want the Max HD2 to route traffic across the WAN 1 connection primarily and to rely on the cellular connection as a backup when the radio fails.


SO I turned SpeedFusion off and the Peplink unit does not route traffic across the WAN connection. I can ping across the the other WAN or LAN port, but I can’t access anything on the other sides network. I played with the outbound policies to try to use the WAN 1 connection and with or without the cellular. I removed firewall rules to allow anything, but still nothing.

Any idea what might be going wrong? What is SpeedFusion doing here that isn’t being done without it?

Thanks

You mentioned this works with SpeedFusion so I suspect that is because there is no NAT when going through the VPN. The HD2 does a NAT from LAN to WAN so that is what is different.

That was part of the problem. Thanks a lot for your help, Ron. I changed my WAN connections to use IP forwarding and I am now able to communicate between the two networks.

One remaining problem I have is that I can’t use the Peplink Web admin across this connection. As it is I have to access each from it’s own network. I removed the firewall rules and made sure the Web Admin Access is set for LAN/WAN. Again, it worked when I used SpeedFusion. Any idea what might be going wrong now?

When this worked through SpeedFusion did you use the internal LAN IP to reach the remote HD2? To access web admin from the outside make sure you are going to the outside IP address.

Ok, that’s probably it. I used the LAN IP address. I’ll give it a try tomorrow. Thanks

I have another issue. Using the above network diagram my LANs are only networked when the 900 MHz radios are connected (because I turned on IP Forwarding on both the 900 MHz and cellular connections.) For the cellular connection, though, I fooled myself into thinking it was working but I wasn’t. For the health check I pinged the ip address of the remote sim and that worked but I couldn’t really reach anything behind it. so now I’ve modified the health check to ping one of my network devices.

So when it’s just the cellular connection I still can’t communicate between these networks. I tried with NAT and without NAT, neither seemed to work.

Any idea what I need to do here?

Thanks.

By the way, I really appreciate the fantastic responses I’ve been getting on the Peplink Forum. It’s perhaps the best product forum I’ve ever used.

Hi,

End to end reachability via Cellular is bit trouble if compare with radio connection. If Cellular interface at both end are getting public IP, you need Port Forwarding on either side. Else you need to get ISP to involve to allow the required ports.

Since your objective are end to end communication and failover between Radio and Cellular connection, I strongly suggest to enable SpeedFusion Hot failover between these 2 sites. Below is the settings for SpeedFusion Hot failover. Advanced > SpeedFusion > Select SpeedFusion profile > WAN Connection Priority.