Hi All,
I am working on a peplink router MAX BR1 Pro and I would like to route all traffic from cellular to my server in lan. For now, the peplink router can ping the server in lan interface but PC cannot route the traffic from cellular in private APN to firewall.
May I know any method that can achieve the following design? Thanks
If I understand you correctly, you wish to route inbound traffic from a cellular network through your “Pro” to your server. That is not likely to work because of the cel companies use of Carrier Grade Network Address Translation or CGNAT. You are essentially living behind their NAT firewall. A search of the Forum will reveal numerous discussions of this.
There are at least three solutions (and others may have more ideas):
Please let me know if I misunderstood your dilemma.
Hi Rick,
Thanks for your help and information. Those SIM cards have their own fixed IP address from ISP and all of them can set their gateway to the 4G router cellular IP. Thanks
In your diagram is the “4G router” the Peplink or is that the Firewall?
Is there any NAT configured between the 4G router and the firewall?
By default Peplink will be configured to do NAT, so if the 4G router is your Peplink the cellular interfaces are possibly performing NAT on packets that arrive at them.
Sounds like you probably just need a 1:1 NAT config on the Peplink to pass that arrives at the the 202.x.x.x address configured on the cellular side of the 4G router through to the 172.21.x.x address of your server?
If you confirmed ISP level will able to help you to route the 172.21.x.x/24 network to the the BR1 Pro 5G Cellular WAN, you can consider the “IP Forwarding” setting for the Cellular WAN.
IP Forwarding mode will allow the traffics route from WAN to LAN without NAT. You need to make sure ISP level is doing the correct routing to the BR1 Pro 5G Cellular WAN.
