Hi guys,
could someone help me with the following:
I have set-up a Speedfusion link between my Peplink Balance Two and my Pepwave MAX BR1 LTEA. The link is perfect and working well. Behind the Pepwave MAX there is a Network Switch and behind that a few Gateways.
But how do I connect from an outside Public IP to the Gateways on the MAX?
And is it possible to give the Pepwave MAX the same Public IP as the Balance? Because they have the Speedfusion link…
Thanks in advance!
The way we would deploy something like this is to have a public ip on one site, and a vlan/untagged network that is accessible over the speedfusion connection. If you are using the same ip range at each site you would either have to do a layer2 or on the MAX click the ? under network settings and select virtual network mapping. This will allow you to map say 192.168.50.x to 192.169.50.x.
Then on your balance, where I assume your public ip is, do a port forwarding to an ip address that is accessible on the MAX LAN.
I’m not sure what you mean by gateways, but if there are other routers behind the max, you would also have to do port forwarding on them to get to the desired ip address.
I don’t think we have enough information to answer this question. Could you tell us more exactly what you are trying to accomplish?
On the MAX write an outbound policy rule to force all traffic through the Speed Fusion link. That will force everything to hit the Balance Two before it goes out to the internet. The outside world will only see you as the external IP of the Balance. You’ll probably lose some speed in the process but it will accomplish what you want.
This is the situation i’m working with.
With the IPAD I have to control all the Device’s on port 80 and 8080.
Unless you have 12 unique IPs on the WAN link at the balance you will need to do port mapping as well as forwarding here, is that an option?
As in can you tell the iPad that device 1 is at a.b.c.d port 81 + 8081 for example where a.b.c.d is the public IP of your balance and let the balance map port 81 to port 80 on the inside. Device 2 would map 82 + 8082 and so on.
With regards to the port forwarding configuration at the balance is there NAT enabled on the PepVPN profile between the balance and the max? If you are can you re address stuff to get rid of it, as otherwise you would need to map the ports on the balance to the PepVPN peer IP of the Max and then port map/forward them again on the Max.
Assuming no NAT on the PepVPN and that port mapping is an option you just configure the port forwarding on the balance and tell it the “server” IP address is the device you want, repeat this for every device and port mapping combination, incrementing the external port each time.
Another approach to this which may be less work (and potentially more secure) would be to setup a remote access VPN on the balance and have the iPad connect to that, it could then directly access the devices connectd behind the PepVPN > Max (again assuing you are not doing NAT on the PepVPN profile).
This isn’t possible because the Max doesn’t have a static Public IP Adress if I am right?
This is possible! I will try it right away!
Do I have to make an Port Forwaring from the Balance to the Max?
Because the Port Forwarding you are suggesting is on the Balance?
No, but your Balance does - the iPad would connect to the Balance and access the devices connected to the Max via the PepVPN link.
You would do the port forwarding configuration on the balance as you are trying to forward a port from the Public IP of the balance WAN to a device connected behind the PepVPN on the Max.
