Hello! I have the following setup:
Peplink Balance 380 using 3 WAN connections at Site 1
Peplink BR1 Mini at Site 2
Speedfusion VPN connection with Star Topology, Site 2 is Hub and Site 1 is End point
At Site 1 there is an Outbound Policy to enforce all traffic to Site 2
Problem is that whenever Site 2 goes offline, Site 1 also appears as offline.
To counter this problem, I have created new Outbound Policies for each of the InControl IP addresses that I was able to find.
(added the setup picture)
However, the problem persists.
What am I doing wrong?
As far as I can understand, even when Site 2 goes offline, this should not affect the ability to use remote web admin for Site 1, as the InControl traffic should use the WAN connections directly.
On the row with the enforce rule, you need to have the following enabled:
Especially the top one is essential, as the default will drop all traffic when that rule is not reachable. With this setting it will go to the next rule which is the Default ‘Fastest Response’ rule.
Hello, this menu option “when no connections are available” is not available for Enforced rule (see screenshot). It is available only for other rule types.
Model: Peplink Balance 380
Firmware: 8.2.1 build 5134
Also, what I do not understand is that why the rules above - Peplink1… Peplink13 are not applied as they come with highher priority. Even though I have created specific rules for all IP addresses that I found to be used for InControl, the traffic seems to be still routed only through the last rule on the list.
I did further investigation, and I found that on the device at Site 2, there is the following session with destination 54.213.17.185:5246 → this appears to be the connection to InControl server. (screenshot)
I do have a specific Outbound Policy in the device at Site 1, which requires all connections to this IP address to be routed through any of the 3 available WAN connections (second screenshot)
However, this Outbound Policy is ignored, despite the fact that it is set to be a higher priority than the VPN connection.
Why? And how can I change the configuration in the way that the connection to the InControl server would be established through any of the WAN ports directly and not using VPN?
Update: found the solution.
Instead of “Fastest Response time” algorithm used “Priority”.
This solved the problem.
