Good day,
I have a 380 at location HQ
I have 310s at Branch A and Branch B
PepVPN connection from Branch A to HQ
PepVPN connection from Branch B to HQ
I notice now that Branch A and Branch B are able to talk to each other.
I don’t want this to happen, what is the best way to prevent?
Thank you,
Jason
Hello,
You can setup a inbound firewall rule on the 310’s to deny the LAN networks of either end.
Thank you for your reply
If I setup an Outbound firewall rule at Branch A, I can block traffic to Branch B
If I setup an Inbound firewall rule at Branch B, I cannot seem to block traffic from Branch A
I would rather have B prevent A from getting in.
My Inbound rule at Branch B is set as follows
Protocol : Any
WAN : Any
Source : 192.168.175.0/24 (Branch A LAN)
Destination: Any
Policy: Deny
My assumption would be that the rule “WAN:Any” does not care about VPN traffic?
Hello,
The below rules should work so Branch A cannot access Branch B and Vice-Versa.
These firewall rules should work, however you can also control this from the HQ 380 central location.
Hi Ron, that would be preferred!
I tried that first.
On the 380 I put both Inbound a Outbound rules to Deny Branch A subnet from Branch B subnet.
However, I am still able to ping from at PC at Branch A to a PC at Branch B
Jarid, that is how I have it setup.
Branch A (192.168.175.x)
Branch B (192.168.176.x)
Unless I’m missing something basic (always possible)
Hello Jason,
If you could open a support ticket one of our technical support members will be able to take a look and assist you to get everything working properly
http://cs.peplink.com/contact/support/
Thanks, That’s what I’ll do.
I have to get these out the door but will follow up with a support ticket next week.
Any resolution on this ticket? I am having the same issue limiting PepVPN traffic using rules.
I would check and make sure the devices are on current 6.2.0 firmware as well. If they are and there is still a issue, appreciate if you could create a ticket for support to look further.
Upgrading to 6.2.0 resolved the problem! thank you!!
Hi,
I believe this have been resolved.