Inncontrol access when pepvpn is connected

ReTAKE · November 20, 2014, 4:10am

Hi i have a wish.

We have a fusion hub in the office that the HD4 boxes connect to. We use pepvpn on them. When connected i lose them in the Incontrol site, so i cant edit them from HQ.

Is it posible to make an update where you can say, LAN port 1 where we have an IP that is forwarded from the SAT to the box, that it can connect around the pepvpn and let us have access?

Or is it posible to have it connect throug the VPN to the office and then to the Incontrol?

Fusion hub is located behind a Cisco firewall and a Cisco switch.

We need this sins we uses tech as Riverbed and Allot that we need the connection routed throug so we can optimise and limit users access to programs etc.

/Nick

TK_Liew · November 20, 2014, 10:57am

Hi,

Have you enable “Send All Traffic To” in HD4? Please go Advanced > SpeedFusion to confirm.

Please take note HD4 and FusionHub are connect to InControl2 with outbound Udp 5246 and Tcp 443. Please ensure no blocking on this 2 ports.

ReTAKE · November 20, 2014, 3:16pm

Yes Send All Traffic To is enabled.

TK_Liew · November 20, 2014, 4:03pm

Hi,

May I know any blocking for outbound ports Udp 5246 and Tcp 443 in front of FusionHub?

ReTAKE · November 20, 2014, 4:08pm

from the public IP we have forwarded all ports to the FusionHub right now.

also the FusioHub have full access to the internet no restrictions.

ReTAKE · November 20, 2014, 5:38pm

is it posible to send the conf files from the fusionhub and the HD4, maby this will give a better Picture of the problem?

TK_Liew · November 20, 2014, 6:51pm

Hi,

Please open ticket for us to check further.

ReTAKE · November 25, 2014, 5:48am

I have opened a ticket and i have allowed for you to access the hardware.

arturogerez · November 27, 2014, 8:40am

Hi Liew:

I discovered this issue some time ago. I have a B710 on central office that the default outbound policy is not having internet. So I added an outbound rule that say:

Destination: peplink.com
protocol udp 5246
alg: priority with all internet.

And another for push notification

Destination: push.peplink.com
TCP 443

With this two rules, I can get the notification for router utility and IC2 stats for the central device.

But, when I depoyed remote units, I wrote an outbound rule to send everything to central unit by SF. I discovered that those rules wasnt being followed and the remote unit couldnt send notification nor IC2.

What I did was in every remote unit wrote this rules, but I think this is a bug, because remote unit traffic should go out to peplink.com because the source is ALL.

Ticket number is 743061