Hi
I’m trying to setup a Layer 2 tunnel initially between a Balance 20x and Fusion Hub, which I believe should be possible from everything I have read.
I’ve created the tunnel from Incontol2, and initially it comes up fine.
When I then goto this page and select Layer 2 for that particular tunnel
The tunnel drops out and try’s to connect, but is never successful
I’ve tried this on a couple of versions of both Balance 20x and Fusion hub
Currently using the following
Balance 20X 8.1.1 build 4990
Fusion Hub 8.1.1 build 4982
But also tried with Balance 20X 8.1.0 build 4938, and Fusion Hub 8.0.2s032 build 1667
What am I missing?
I’ve followed this article https://forum.peplink.com/t/how-to-configure-layer-2-speedfusion-vpn/8279
Thanks
Mike
Have you set the VPN profile to be layer 2 on both the Fusionhub and the Balance 20x?
I’ve not…but where on earth do you set that?..
I can’t find anything obvious on any of the VPN pages on either the Balance, FusionHub or inControl.
Thanks
Mike
If you want Layer 2 VPN to work the devices at either end of the tunnel need to be told to treat the VPN as a layer 2 tunnel (instead of layer3). I made a video a while back showing how to do that between a pair of devices https://peplink.ninja/2020/06/04/using-sd-wan-as-a-long-distance-ethernet-cable/
Your screenshot above shows you setting the Layer 2 profile for the Balance 20x and assigning it to the LAN VLAN there. You will then need to do the same at the FusionHub end.
The Fusionhub is a little different in that it can be deployed 1 legged with just a WAN and so without a LAN port. As such, the layer 2 settings are not in the ‘LAN’ section. Instead navigate to Network > VPN | SpeedFusion scroll down to the PepVPN settings window and click the blue question mark then click the link to show the Layer 2 settings:
Thanks Martin.
Ok, after a bit of playing, I managed to get a Layer 2 connection between 2 x Balance 20X’s working as shown in your video… (although I used a VPN setup from within Incontrol2)
…however if then try to do via FusionHub using a VPN created from Incontrol2, the option to enable Layer2 PepVPN Bridging is not shown
If I remove all the InControl2 VPN’s from that FusionHub, then the option you highlighted above appears (and if I create a manual VPN the Layer2 tunnel works)
So it seems unless I’m missing something else, you cant do a Layer2 PepVPN to a FusionHub if you create the route from Incontrol2?
Many Thanks
Mike
You can create L2 profiles in IC2. When you are running through the creation process and you get to the Profile Options screen, tick the ‘Show advanced settings’ checkbox and then you’ll see ‘L2 Bridging VLANS’ as an option.
Hmm…I seem to be missing that option…
That was grabbed from a point to point link between a Balance 20X, and Fusion Hub both running V8.1.1
Change it to star (which is hub and spoke).
I only ever use P2P when both devices have public IPs that support inbound routing.
Most of the time we have a preferred site - like a datacenter or an office or a Fusionhub, which is where we want the other devices to connect to. That’s the site that sits in the hub role on a star configuration.
