Need help getting into LAN from AP One to MAX-BR1-LTE (speedfusion)

Hi, I got it this all to work before with some help but now the new firmware seems to have changed things perhaps. I am able to connect the two devices (my home device AP One AC Mini (HW1) on 3.6.1 build 1889), to the mobile device MAX-BR1-LTE MINI-LTEA-W (HW1) running 8.0.0 build 3455, but not able to see in past the MAX-BR1 to the devices on the LAN of the mobile unit (Which I can see on the client list).

I am using a DDNS on my main home router with port forwarding of both UDP and TCP 32015:32017, 4500:4502 and routed the traffic through a static IP Address on the LAN to the AP One.

Any suggestions?

thanks very much,

Larry

Hey Larry!
Assume you’re aiming to do the same as last time?

So to check:

  1. Is the PePVPN tunnel up between the BR1 and the AP?
  2. Is the AP still in IP forwarding mode?
  3. Assume your home router hasn’t changed?
  4. Did you change the IP addressing on anything?
1 Like

Hi Martin, thanks for your quick reply! hope you are well!

yes not too much has changed but

  1. yes, I have the PepVPN tunnel up between the BR1 and AP
  2. yes, its in router and IP Forwarding mode.
  3. No, Home router HAS changed. I am now using an ASUS RT-68U instead of the Verizon router. the Asus has a built in VPN which seems to be working and I changed the PepVPN profile on the boat to call that DDNS.
  4. I don’t think I changed anything on the IP Addressing but did need to configure the port forwarding and routing on the new router and the old router had died so I did not have access to it. I can send you the settings or screen shots if you think that would be helpful. I have access to the BR1 also through IC2 so i can administer it from home. thanks! Larry

one thing I notice is that I cannot ping my main router when I’m on the SSID of the AP One

Here is a link to the settings on the various devices in case you see something. I also changed the routing to be 192.168.10.0 255.255.255.0 192.168.1.249 WAN and LAN and changed the others .50.0 & .48.0 to WAN from LAN and back again to no success.

here is the link to pictures of the settings: [https://www.dropbox.com/sh/4ndtg2w8z2t8ykb/AABhyClaFVD3RRgtG6rxOytUa?dl=0]

thanks,

Larry

Yes all well here thanks Larry.
The problem is likely a typo on the static route for 192.168.10.0/24 on your Asus (you put .1)

Change that and test again.

1 Like

Hi Martin, thanks, yes I wasn’t sure about this as well. I did do this last night and it didn’t seem to help. I also tried changing from LAN to WAN on the interface column but didn’t seem to help. Finally I was able to ping from the 10.1 router (when I was in LRFlow, the SSID of the AP One) to the router 192.168.1.1 but not able to do so from a command window. What do you think is right? x.0 and LAN or something different.

Also, what do you think of the ports I set up? Correct or something different?

Thanks very much,

Larry

Larry Rosenfeld
Larry@TeamAdventure.org
Mob: +1-617-968-8100
Fax: +1-815-425-5189

SKYPE: larryrosenfeld

www.TeamAdventure.org

OK so ASUS Router:

OK so it definitely should be 192.168.10.0 not .1 so leave that. Interface is LAN, gatway is 192.168.1.249.
PepVPN is up, so we don’t need to worry about port forwarding.

AP ONE AC Mini config looks right.

BR1 This doesn’t have a route for 192.168.1.0. Add an outbound policy on the BR1 for a destination of 192.168.1.0/24 via the VPN tunnel.

1 Like

Hi Martin,

So I did put the routings back to what you suggested and that seemed to help between the .10.x subnet and the main network. So now I can get internet from either the LRFlow SSID (on the AP One router at 192.168.10.1) or my main SSID (192.168.1.1) and I can ping back and forth. So that seems to work.

I added the outbound policy but didn’t seem to fix anything.

One thing I noticed is that on the AP One if I use the serial number for the remote ID it establishes the connection properly but doesn’t seem to allow me to address any device on the .50 subnet. However if I change the remote ID on the AP One to the PepVPN profile name “FlowGB” then it will not connect, (Just shows “starting…”)
I tried the same thing on the other boat which is on the .48.x subnet with a different Max-BR1, added the PepVPN Outbound policy as you suggested and tried both accessing it through the VPN Tunnel using the PepVPN Profile ID as the remote ID and then tried with the serial number and neither worked for that one. Strangely that boat was working just prior to the change in my router and the upgrade of the firmware on my AP One to 3.6.1 and to the Max-BR1 to 8.0.0 . any changes in the firmware that might have caused this?

I added a picture to the dropbox in the Flow GB Boat Max-BR1 called FlowGB (Boat) Max-BR1 PepVPN Outbound Policies.png which shows what I did there.

Did it mess things up to add the OSPF settings or something else? I’m not sure why its not allowing me to connect directly to the devices inside the boat on the Boat LAN.

Thanks

Larry

Larry Rosenfeld
Larry@TeamAdventure.org
Mob: +1-617-968-8100
Fax: +1-815-425-5189

SKYPE: larryrosenfeld

www.TeamAdventure.org


MartinLangmaid

    October 15

OK so ASUS Router:

LarryR:
I did do this last night and it didn’t seem to help.

OK so it definitely should be 192.168.10.0 not .1 so leave that. Interface is LAN, gatway is 192.168.1.249.
PepVPN is up, so we don’t need to worry about port forwarding.

AP ONE AC Mini config looks right.

BR1 This doesn’t have a route for 192.168.1.0. Add an outbound policy on the BR1 for a destination of 192.168.1.0/24 via the VPN tunnel.

Just to update this post. Larry gave me remote access so I could take a look.

There was a typo on the LAN settings for the DHCP settings and the outbound rule on the BR1 needed changing to enforced and now its all working as expected. Almost apart from a weird autoconfig IP that gets learnt over OSPF and the fact that the AP needed to use the BR1 serial number and not the PepVPN ID in the profile before the BR1 would connect - not sure why.

2 Likes