Only allow a Max BR1 to access 2 BR1 through SpeedFusion VPN

Dear support

I have a Peplink 1350 which uses SpeedFusion VPN to connect over 20 Max BR1s.

I have a Max BR1 (A) that needs to connect to the Peplink 1350, but I don't want this Max BR1 (A) to connect to the other BR1 devices.

Can I do that? I mean any data traffic can only go to the Peplink 1350, but will not go to the other 19 Max BR1s. Thanks

You can turn on VPN route isolation on the 1350 to stop all remote BR1s from learning about the routes to the other BR1s. It doesn’t stop them from being able to communicate but without OSPF advertising routes you would have to use outbound policy on the BR1s to send traffic over the tunnel to get traffic to flow again.

To block the BR1 from being able to access the others you would need to use the 1350 firewall. Create a new ‘internal rule’ there for source of the LAN network on the BR1 and destination any and set it to block.

If you don’t control the BR1 in question (so they could change the LAN IP) then use NAT mode Speedfusion profile on the 1350 with DHCP reservation so that the BR1 speedfusion VPN always gets the same IP then set the firewall rule to use that IP as the source.

If you

Let's say the BR1 IP is 192.168.1.1, then at the 1350 internal firewall I add source 192.168.1.0 network and deny all destinations? Because I must think it through clearly before any test.
Thanks

And I want to make sure it does not affect any traffic to the Peplink 1350, because I need to transfer data, cam data, to the Peplink 1350 LAN computer. Thanks