L2TP VPN ports with EC2 hosted FusionHub

We have our FusionHubs hosted on AWS EC2. We own about 100 MAX HD4s that are generally out in the field supporting live broadcast events. Almost all of these units connect to a SpeedFusion VPN so we can do cellular bonding. We do custom UDP & TCP forwarding to these units all the time, so I’m comfortable with that process.

But I cannot get L2TP IPSec to work between a public internet client and a single HD4. Tried desktop & mobile. On the EC2 side, I opened up UDP 500, 4500 & 1701 from the outside world. On the FusionHub side, I fwd those 3 ports to the MAX HD4. No dice.

Anyone have tips?

I recall there are some buttons to push for service passthrough on a Balance if there is a VPN server behind it. I wonder if the FusionHub is trying to terminate the IPSEC itself, as SF will use UDP 4500 by default for the data payload (again, IIRC!).

Could be worth doing a quick PCAP on the hub and HD4 to see if the traffic is being relayed correctly, or if it is stopping at the hub.

1 Like
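One way to run the capture comparison suggested above, as an added example that is not part of the original thread: it reads a capture taken at the hub and one taken at the HD4, labels packets on UDP 500, 4500 and 1701, and lists the traffic classes that reached the hub but not the HD4. It assumes classic little-endian pcap files with Ethernet framing and that the forward preserves the client's source address (needed only for the optional `client` filter); the function names and sample bytes are constructed for illustration. L2TP normally travels inside ESP, so cleartext UDP 1701 may never appear in either capture.

```python
import struct
from collections import Counter

def classify(dport, payload):
    """Label a UDP payload by destination port; 4500 follows RFC 3948 framing."""
    if dport == 4500:
        if payload == b"\xff":
            return "NAT-T keepalive"
        return "IKE over NAT-T" if payload[:4] == b"\0\0\0\0" else "ESP-in-UDP"
    return {500: "IKE", 1701: "L2TP (cleartext)"}.get(dport)

def summarize(pcap, client=None):
    """Count VPN-related UDP packets; client is an optional 4-byte source IPv4 filter."""
    magic, linktype = struct.unpack_from("<I16xI", pcap, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian pcap, Ethernet link type")
    seen, off = Counter(), 24
    while off + 16 <= len(pcap):
        caplen = struct.unpack_from("<I", pcap, off + 8)[0]
        frame, off = pcap[off + 16:off + 16 + caplen], off + 16 + caplen
        if len(frame) < 42 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
            continue  # keep only IPv4 carrying UDP
        udp = 14 + (frame[14] & 0x0F) * 4
        if len(frame) < udp + 8 or (client and frame[26:30] != client):
            continue
        dport, ulen = struct.unpack_from("!2xHH", frame, udp)
        label = classify(dport, frame[udp + 8:udp + ulen])
        if label:
            seen[label] += 1
    return seen

def missing_downstream(hub_pcap, hd4_pcap, client=None):
    """Traffic classes seen at the hub that never show up at the HD4."""
    return sorted(set(summarize(hub_pcap, client)) - set(summarize(hd4_pcap, client)))

def build_pcap(packets, src=b"\xc0\x00\x02\x0a", dst=b"\xc6\x33\x64\x01"):
    """Build a constructed capture from (dport, payload) pairs (dummy addresses)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for dport, payload in packets:
        udp = struct.pack("!HHHH", 40000, dport, 8 + len(payload), 0) + payload
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0, src, dst)
        frame = b"\0" * 12 + b"\x08\x00" + ip + udp
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

IKE = b"\x11" * 28  # constructed filler, not a real IKE message
HUB = build_pcap([(500, IKE), (4500, b"\0\0\0\0" + IKE), (4500, b"\xca\xfe\x00\x01" + IKE)])
HD4 = build_pcap([(500, IKE)])  # constructed: only UDP 500 reached the HD4
print(missing_downstream(HUB, HD4))
```

If the HD4 capture also contains the SpeedFusion tunnel itself on UDP 4500, pass the client's address as `client` so only the forwarded L2TP/IPsec flow is counted.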

FusionHub forwarding L2TP & IPSEC to the HD4? This sounds uncertain to me. Do you have a sample configuration and design?