Hi all,
InControl2 manages devices by adding their serial numbers instead of their IP addresses. How does the system identify a device’s current IP address for communication and management? I would like to understand the underlying operational principles and the specific protocols or services used to achieve this.
Best regards,
Kevin
That’s a great question!
InControl2 uses a device-initiated architecture where Peplink devices are factory-configured to establish outbound connections to InControl2 servers (ac1.peplink.com or ac2.peplink.com) over UDP port 5246 using AES 256 encrypted communication. The system doesn’t need to track device IP addresses because the devices proactively “phone home” and maintain persistent tunnels to the cloud platform. Each device is identified by its unique serial number through mutual verification between client and server, and when you initiate remote management, InControl2 commands the device to create a secure SSH tunnel over TCP port 443 or 5246 for web admin traffic. This reverse-tunnel approach works seamlessly regardless of whether devices are behind NAT, have private IPs, or change locations, since all connectivity is outbound-initiated from the device side.
@Michael explains it well here: How does device communicate with Peplink InControl 2?
Hi Dadi,
I got it,
Thank you for your reply.
Best regards,
Kevin