FusionHub on AWS - Only routes to subnet, not full VPC

I have FusionHub set up on AWS, connected to a Pepwave MAX BR1 MK2 in a star configuration. From the BR1 I can ping the FusionHub host using its private IP, and I can also ping other EC2 instances in the same subnet as the FusionHub. However, I cannot connect to any EC2 instances in other subnets of the VPC. The FusionHub is only advertising its own subnet to the BR1.

The overall VPC is using 172.16.0.0/16, with the FusionHub in a subnet with CIDR 172.16.0.0/23. Another example subnet is 172.16.4.0/23.

From the SpeedFusion status on the BR1 I can see that it is only routing 172.16.0.0/23, but I can’t find where to change this in the FusionHub.

On the BR1, set an enforced outbound policy with 172.16.0.0/16 as the destination and the SpeedFusion tunnel as the route.

Perfect, that did the trick! Would of course be nice not to have to go into each connected device to add this rule, but can’t have it all :) Thanks!

You can push the outbound policy from InControl, but the easier way to do this is with fw 8.4.1 on FusionHub (about to be released; you can install the beta today), where there is custom router advertising in Advanced > Routing Protocols | OSPF & BGP.

Then you don’t need the outbound policy as the routes will be pushed automatically.
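
The routing gap discussed in this thread, as an added example that is not part of the original posts and not Peplink code: it models the BR1 as a plain longest-prefix-match table (a simplification of how the device evaluates outbound policy) and shows which VPC subnets fall through to the WAN default route, outside the tunnel, before and after the 172.16.0.0/16 entry exists. The next-hop labels `wan` and `speedfusion` and the host addresses are constructed for illustration.

```python
import ipaddress

# CIDRs taken from the thread.
VPC_CIDR = ipaddress.ip_network("172.16.0.0/16")
ADVERTISED = [ipaddress.ip_network("172.16.0.0/23")]  # FusionHub's own subnet
VPC_SUBNETS = [
    ipaddress.ip_network("172.16.0.0/23"),
    ipaddress.ip_network("172.16.4.0/23"),
]


def build_table(tunnel_prefixes):
    """Route table: default route out the WAN, plus prefixes sent into the tunnel."""
    table = [(ipaddress.ip_network("0.0.0.0/0"), "wan")]
    table += [(prefix, "speedfusion") for prefix in tunnel_prefixes]
    return table


def lookup(table, dest):
    """Return the next hop of the most specific prefix containing dest."""
    addr = ipaddress.ip_address(dest)
    matches = [(net, hop) for net, hop in table if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def subnets_outside_tunnel(table, subnets):
    """Subnets whose first or last address is not routed into the tunnel.

    Checking both ends is enough here because no route in these tables is
    more specific than the subnets being tested.
    """
    return [
        s for s in subnets
        if any(lookup(table, a) != "speedfusion" for a in (s[0], s[-1]))
    ]


if __name__ == "__main__":
    before = build_table(ADVERTISED)   # only the advertised /23
    after = build_table([VPC_CIDR])    # whole VPC via policy or custom advertisement
    for name, table in (("before", before), ("after", after)):
        print(name, "172.16.4.10 ->", lookup(table, "172.16.4.10"),
              "| outside tunnel:", subnets_outside_tunnel(table, VPC_SUBNETS))
```

Running the same check against the full list of VPC subnets after a routing change confirms that no private destination is still being sent out the WAN instead of through the tunnel.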