Now that the MAX BR1 supports load balancing, is it possible to set it up with IP passthrough on the WAN port (I have a secondary router connected to the LAN port that handles my network’s NAT, DHCP, etc.) while load balancing with an LTE connection (no public IP on this one). Would this work? Ideally I’d have two devices plugged into the BR1’s LAN ports, a VOIP phone on the BR1’s subnet, and my eero router for my home network.
Also, I sure wish the BR1 supported SpeedFusion bonding… :-/
When in IP passthrough mode most routing functions are disabled (the BR1 acts as a Bridge) so no you won’t be able to load balance with that enabled.
Ah, I see… darn. Thank you for the info!
Hey Martin,
What about on an HD4 for example, if you do IP Passthrough on SIM1, and then have SIM2, 3, and 4 just as NAT. Can you assign the IP from SIM1 to the customer’s equipment but then still load balance or bond outbound traffic across all the other SIMs? Tried to enable that quickly remotely on a test device and it didn’t seem to disable or change anything in terms of routing functions. We have customer’s where they cannot use NAT or have an internal IP assigned to their existing router/firewall, it has to be external. We load balance or usually bond all SIMs through FusionHub but having the HD4 assign an internal IP to their firewall does not work and is blocked so has to be external. Thanks!
@kgarvey
Look like your requirement more on drop in mode Ethernet WAN deployment. Do you think drop in mode can meet your deployment use case ?
@leemoreau
Currently IP pass-through mode only available for BR1 series and other selected model. The main purpose for the design is to allow IP Pass-through WAN fail over.
Can you share more info for your deployment use case ? Maybe a network diagram that you want to achieve ? We can actually discuss more on the possible options base on the requirement.
Hi there,
I’m on a HD2 and HD4 right now, and when you click each cellular WAN, beside the IP option only NAT is available but if you click the question mark beside it you can select IP Forwarding, is that different from IP Passthrough?
Here’s basically the situation. The customer is using 4 LTE as primary, no wireline at all. Their corporate security policy will not allow them to use NAT, so if an ISP assigns them with an internal IP (like 192.168.5.x etc) to their Cisco WAN, the connection is blocked. It will only work if it is a public IP address assigned to their Cisco.
So we were told by Peplink that what might work is adding a Static IP to SIM1 and then doing passthrough to assign that IP to the customer’s Cisco router. All outbound traffic is bonded through FusionHub as their head office Cisco will only connect the VPN if it comes from a verified IP address, so had to use FusionHub since they use full tunnel VPN which as far as I know can’t just be load balanced across all SIMs, so we had to bond all 4.
So my other thought was to take a BR1, put a SIM with Static IP in it and enable IP Passthrough on it, and then connect the BR1 to the HD4 WAN1 and use WAN1 as Drop In Mode, to assign the Static IP from the BR1 SIM to their device, and basically be using now 5 SIMs in total. But then I saw the IP Forwarding option on each SIM on the HD4 and thought that was the same as the BR1’s IP Passthrough and thought I could maybe do this without putting a BR1 in the mix as well.
We also have this issue in general when bonding LTE as primary connections through FusionHub, as it seems most customers do not want NAT and expect FusionHub’s public IP to be assigned to their actual Cisco equipment.
Thanks!
IP Pass-through & IP Forwarding are two different feature. IP Pass-through use case work as described in previous post and IP Forwarding more to disabling NAT for the WAN interface.
Do you have more info for your deployment requirement ?
Is this a new deployment ? How the existing Cisco router connect to the 4 x LTE connections before you deploy a HD4 into the network ?
Do you have network diagram for the expected setup ? A network diagram may help us to understand the network components involve and the require setup.
The Cisco wasn’t connected to 4 x LTE before this since the HD4 is doing that. The customer had DSL with 1 Static IP before only getting 5/1, so that Static IP was assigned to the WAN port on their Cisco which passes their policy.
We have removed the DSL and replaced it with a HD4 with 4 x LTE, but that assigns an internal IP via NAT to the customer’s Cisco WAN port now, like 192.168.50.10 which doesn’t work for them. Any internal IP addresses are blocked from being assigned to the WAN, it must be an external public facing IP address. The Cisco then creates a site-to-site VPN back to their head office, through a DMVPN.
The customer needs a public IP, either FusionHub’s, or one of the 4 LTE SIM’s IPs assigned directly to the WAN on their Cisco, with all traffic bonded across the 4 SIM cards.
Can you provide the network diagram for better understanding?
Where is the FusionHub? At the customer’s head office?
The data plan of the 4 SIM cards come with public IP?
Do you need IPSec VPN over SpeedFusion?
Hello!
FusionHub is on Amazon AWS.
Data plan of the SIMs are public IPs but SIM1 is static IP, but all can get static IP if necessary. We do need IPSec VPN over SpeedFusion via FusionHub.