Hi,
I am hoping that my question is not too “noob” or I have overseen something in the manuals.
A customer of mine wants to use peplink routers in a lager scale.
We are talking here roughly about 250-300 routers in the field.
Unfortunately, due to security concerns, it’s not allowed to use the cloud hosted Incontrol.
I have already deployed the Incontrol on premise version with in our network, which at least boots and configures the database.
Afterwards the struggle starts.
-
Due the hardened enviroment I have to pin all needed external ip addresses for incontrol.
I have found the following : https://download.peplink.com/resources/ip_addresses.json
Does this list is also applicable for the selfhosted incontrol or are there any additonal ressoruces needed? -
There is no “free” internet access within the enviroment.
I have to configure a proxy server if somekind off http traffic needs to reach some sites / apis
Is there a way to configure outbound proxy servers within incontrol? -
Privat incontrol instance on devices (fusionhubs and routers)
If I enable the option that there is a private incontrol instance, what i need to configure here as “target” ? Is it also possible to use the IP addresses?
Which of the following two would be the right apporach for the routers:
- External IP of Incontrol
- External DNS name
What about the internaly hosted fusionhubs? - Internal IP of incontrol (same subnet)
- External IP of Incontrol
- External DNS name
Is there maybe somkind of howto / walkthrough available from peplink where there is described what exactly needs to be opened on the firewall to operate incontrol in a hardened environment?