PepVPN between NAT'ed sites

Arthur_Chapin · November 4, 2022, 7:59pm

Hi,
I am in the process of configuring my sites and have the following

Home
-Comcast 1gb with public but dynamic IP
-TMobile Home (NAT gives out a 192.168.12.x address, can not be changed)
-Balance 20X Router w/ USB for TMobile Service

Cabin
-Starlink (gives out a 100. address, not sure if its publicly reachable, haven’t tried)
-TMobile Home (NAT gives out a 192.168.12.x address, can not be changed)
-Balance 20X Router w/ USB for TMobile Service

Boat
-Starlink (gives out a 100. address, not sure if its publicly reachable, haven’t tried)
-TMobile Home (NAT gives out a 192.168.12.x address, can not be changed)
-Balance 20X Router w/ USB for TMobile Service

Trying to configure pepVPN between all the sites, but it keeps failing to connect, does it require a publicly reachable IP on one of the endpoints to work? I am still in test mode so my Balance 20X is behind my Ubiquiti network I will be replacing versus straight off the Comcast modem. It would be great however if there was a way to use the cloud fusion endpoint to eliminate my house being a single point of failure for connectivity between the cabin and the boat. Is there a capability I am missing or what is the smartest way to set this up.
Thanks!

Rick-DC · November 5, 2022, 11:20am

Hi Arthur. Yes, a “publicly-reachable” address is required to get PepVPN/SPeedFusion going, although a static address is not needed . Peplink’s DDNS client works well. Just FWIW, you might want to take a look at this document if you have not seen it.

There is more than one solution to your dilemma but I think my first approach would be to spin up a SpeedFusion Solo in the highly-reliable cloud of your choice. (We use Vultr and it costs us US$5.05/mo per instance.) @MartinLangmaid and others have done some nice how-to videos, available on youtube. The Solo is limited to a single connection however you can get around this limitation if your 20Xs remain under PrimeCare, or at least two of them are, as they bring their own licenses with them.

Arthur_Chapin · November 5, 2022, 1:05pm

Thanks, FusionHub was exactly what I was looking for, was able to get it setup on aws without an issue and the VPNs are all working fine.
I used the evaluation license as it seemed to not expire for a year, should I have used the solo instead? All my Balance 20Xs will be under prime care.

Thanks much for the help.
AC