I am trying to establish an OpenVPN to my Balance 20X which is behind an LTE-WAN here in Germany but it fails. Vodafone and T-Mobile have their network on IPv6. Could this be the issue as Peplink’s VPN works in mobile only via UDP IPv4?
Yes since IPV4 will certainly be behind CNAT so non routable inbound.
Thanks. That’s disappointing. Is there any plan from Peplink to cope with it?
Its a routing issue rather than a ‘Peplink’ issue. Lots of posts on here about inbound routing over cellular.
The approach I take is not to use openvpn at all and host a virtual appliance for inbound access over 4g networks. Setting Up FusionHub on Vultr – Martin Langmaid – SDWAN Architect
Okay, I abandon the OpenVPN route for a moment. I have a second Balance 20X at another location behind fiber as my “data center” (in inControl, center and remote are different organizations). I am not even able to establish a PepVPN between the two. Is this a similar network issue?
What happens when you try?
Doe sit have a private IP on its WAN? Maybe from the ISP router? If so you’ll need to forward TCP 32015 and UDP 4500 to the WAN of that Balance 20.
It has a public IP.
This is what I am seeing …
That status shows that the remote device can not build a tunnel to the one in your datacenter. It can’t start the tunnel build process.
See the ‘inControl Detected IP’ line? does that line on the device details page of the other B20x show the same IP as the one allocated to its Wired WAN?
Yes it does
OK. So if it has a public IP on its WAN there should be nothing to stop the remote balance from connecting to it and building a tunnel. The remote balance has the datacenter balances’ WAN IP in its profile I assume.
I wonder if the cellular networks are blocking UDP 4500, might be worth changing the data port perhaps.
Just sent you a direct message - I’d be happy to look at this remotely for you.
2 Likes
It is running now greatly thanks to your help per DM and remotely. I also have SpeedFusion now, Your help was very much appreciated. Many Thanks!
2 Likes