I have a situation where I need to deploy a Peplink Balance One behind an existing firewall. However, this location is the destination endpoint for two other locations to connect to for PepVPN connections, as those two locations do not have public IP’s, while this location does.
I’ve tried opening up the ports cited in this document http://www.peplink.com/knowledgebase/configuring-speedfusion-behind-a-firewall/ but things don’t seem to be working correctly. I never seen the VPN connections complete successfully.
If I completely remove the firewall and only use the Balance One, the VPN connections establish very quickly and never have any issues.
Does the Balance one have to accept VPN connections only on WAN connections/physical ports, or can it be configured to accept them on LAN connections? This may be part of my problem - which IP/network to NAT the VPN connections to from the firewall.
Recommended configuration for this setup. Preferably I would like to not use the WAN connections AT ALL on the Balance One and have it’s LAN ports used for LAN as well as the inbound VPN connections.