Configuring VLANs over SpeedFusion VPN

I have two different Pepwaves:

HOMEBASE (Pepwave MAX BR1 MK2)
Default Network (10.0.43.1/24)
VLAN 21 (172.20.0.1/24)

REMOTE (Pepwave MAX BR1 Pro 5G)
Default Network (10.42.0.1/24)
VLAN 11 (10.11.0.1/24)
VLAN 15 (10.15.0.1/24)
VLAN 16 (10.16.0.1/24)
VLAN 17 (10.17.0.1/24)

I have a SpeedFusion VPN setup between the two and need this behavior:

VLAN 11 (Remote) --> Internet (nothing special, hit the Internet via Remote WAN)
VLAN 15 (Remote) <-- VPN w/o Bonding --> VLAN 21 (HOMEBASE)
VLAN 16 (Remote) <-- Bonding --> Default Network (HOMEBASE)
VLAN 17 (Remote) <-- Bonding --> Default Network (HOMEBASE)

How do I do that?

VLAN 11 (Remote) --> Internet (nothing special, hit the Internet via Remote WAN)
That’s default behaviour.

VLAN 15 (Remote) <-- VPN w/o Bonding --> VLAN 21 (HOMEBASE)
VLAN 16 (Remote) <-- Bonding --> Default Network (HOMEBASE)
VLAN 17 (Remote) <-- Bonding --> Default Network (HOMEBASE)

When the VPN connects, OSPF kicks in and shares details about available networks between your HOMEBASE and REMOTE routers. To confirm that, log in to the web UI on the REMOTE router, go to Status > SpeedFusion, and you should see a list of the HOMEBASE networks / VLANs listed next to the tunnel status.

So LAN devices on your REMOTE network will already be able to access all the VLANs on your HOMEBASE network.

If you want to restrict that, use firewall rules.

Thank you for that info. On Status > SpeedFusion VPN, I see the other networks… on both routers.

Three questions:

  1. Firewall rules: it looks like I should be on the HOMEBASE > Advanced > Access Rules > Internal Network Firewall Rules and block all the IPs on REMOTE I don’t want to have access to the 172.20.0.1/24, correct?
  2. I think this is a bit of a different topic, but I would like to use the bonding service with the VLAN 16 (10.16.0.1/24). That is my work VLAN and I don’t want to be dropping any calls. I do have SpeedFusion Connect Protect running, is that what it is called? What is the best way to set it up? Can I limit it only to the streaming apps (Zoom and Slack)? Can I configure it to use HOMEBASE rather than Peplink’s servers?
  3. VLAN 17 (10.17.0.1/24) is for streaming (Netflix). What is the best way to make its default route go back to HOMEBASE and then hit the Internet? I want the streaming devices to see me at home still.

  1. Yes, that’s the right place.
  2. SFC Erik has a great video here https://www.youtube.com/watch?v=OjofNRpEuxw
  3. Relay mode. See https://www.youtube.com/watch?v=99XcwlDH-TA
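
An added example, not part of the thread and not Peplink configuration syntax: a Python model of the HOMEBASE deny rules implied by the requested layout, checked against one constructed host per subnet. It assumes first-match rule evaluation with a default of allow, and the `ALLOWED` mapping and all function names are hypothetical, inferred from the question.

```python
import ipaddress

# Subnets as written in the thread (gateway address plus prefix length).
HOMEBASE = {"default": "10.0.43.1/24", "vlan21": "172.20.0.1/24"}
REMOTE = {"default": "10.42.0.1/24", "vlan11": "10.11.0.1/24",
          "vlan15": "10.15.0.1/24", "vlan16": "10.16.0.1/24",
          "vlan17": "10.17.0.1/24"}

# Assumed intent: REMOTE VLAN -> the only HOMEBASE network it may reach.
ALLOWED = {"vlan15": "vlan21", "vlan16": "default", "vlan17": "default"}


def net(cidr):
    # strict=False accepts "172.20.0.1/24" and normalises it to 172.20.0.0/24.
    return ipaddress.ip_network(cidr, strict=False)


def build_rules():
    """Return ordered (src_net, dst_net, action) deny rules for HOMEBASE."""
    rules = []
    for r_name, r_cidr in REMOTE.items():
        for h_name, h_cidr in HOMEBASE.items():
            if ALLOWED.get(r_name) != h_name:
                rules.append((net(r_cidr), net(h_cidr), "deny"))
    return rules


def evaluate(rules, src_ip, dst_ip, default="allow"):
    """First matching rule wins; otherwise the default action applies."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for src_net, dst_net, action in rules:
        if src in src_net and dst in dst_net:
            return action
    return default


def audit(rules):
    """Check every REMOTE/HOMEBASE pair using one constructed host per subnet."""
    result = {}
    for r_name, r_cidr in REMOTE.items():
        for h_name, h_cidr in HOMEBASE.items():
            src = net(r_cidr).network_address + 50   # constructed sample host
            dst = net(h_cidr).network_address + 50
            result[(r_name, h_name)] = evaluate(rules, str(src), str(dst))
    return result


if __name__ == "__main__":
    for pair, action in audit(build_rules()).items():
        print(pair, action)
```

Because the model's default is allow, any subnet added later on REMOTE reaches both HOMEBASE networks until a deny rule is written for it.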