L2TP to FusionHub to NAT Mode VPN Client

Here is what I am trying to accomplish…

I want to L2TP from a Windows/Mac client, to a FusionHub. The FusionHub has a NAT Mode PepVPN connection to a BR1. I’d like to be able to hit the web admin of the BR1, or via a port forwarding rule, access a device behind the BR1.

I can L2TP to the FusionHub just fine, however I cannot access the FusionHub by its local IP, nor can I access a connected NAT Mode client. It’s like the FusionHub is not pushing the routes properly to the L2TP Client.

DHCP Server on the FusionHub is handing out 10.11.12.x addresses. The L2TP client gets 10.11.12.1. The BR1 gets 10.11.12.2. Shouldn’t the L2TP be able to access the BR1? And if there was a forwarding rule on the BR1 for say, 8888 to 80, shouldn’t I be able to hit a device by 10.11.12.2:8888?

@MartinLangmaid I know you’re an expert in these deployments, maybe I can call on you for an assist :wink:

Thanks to all in advance!

Yes and yes. Just ran this up in my lab and port forwarded through to remote BR1’s Web interface and it worked fine.

Post your screenshots or add me to IC2 for the FusionHub and BR1 and I’ll make it work for you :wink:

1 Like

Just sent you a private message :slight_smile:

1 Like

The issue is that you don’t have a LAN interface on the FusionHub in the same range as the DHCP segment.
If you look at the status you’ll see that the entry shows the server IP as x.x.0.2 (the WAN IP) with the client as x.x.12.3.

What this means is that the remote client device can route LAN to WAN fine (or LAN to PepVPN), but there is no Layer 2 segment between the remote clients and the remote user vpn.

Add a LAN interface to the FusionHub with an IP in the same DHCP range (x.x.12.0/24) and it will come right.

As an example, here is my FusionHub Status:

1 Like

Ah, okay, we are on the right path. Conversely, what if I was to change the DHCP range the FusionHub is handing out to be in the same range, so have it hand out 10.0.0.x addresses as well?

1 Like

Good question. I would expect it not to work, since WAN interfaces don’t support ARP broadcast from ‘LAN’ side interfaces. But then this is Peplink, and they can use obscure interface approaches sometimes…

2 Likes

Thank you VERY much for the assistance on this! I’ll go ahead and make these changes and do some testing!

1 Like

No worries - good luck! :slight_smile: And shout if I can help further.

1 Like