PepVPN how to see all IPs on other end of tunnel

bracurrie · June 10, 2020, 8:49am

PepVPN is established using IC2 and I can ping gateways from either router but no other addresses.
I apologize of the networking 101 question, but I am untrained in the ways of IP subnets etc.
Thanks
Brad

MartinLangmaid · June 10, 2020, 9:33am

I suspect that your Lan devices don’t have the Peplink Lan IP set as their default gateway. Is that possible? Do an ipconfig to check.

bracurrie · June 10, 2020, 9:57am

The default gateway is configured on the devices by the DHCP letting and it is correct for each LAN.

MartinLangmaid · June 10, 2020, 10:39am

OK so all the devices on the LAN of the Peplinks are all getting DHCP from the peplink so the default gateways are set to each Peplink yes?

Go to the status page on each router click the speedfusion /pepvpn link to show tunnel status and learnt routes. Does each device show that it knows what subnet is available on the LAN of the other device over the tunnel?

bracurrie · June 10, 2020, 10:55am

Each router reports that the PepVPN knows the subnet of the other. I can ping the gate ways but not the other clients.

MartinLangmaid · June 10, 2020, 12:27pm

Then potentially your clients have software firewalls enabled that don’t allow traffic from private networks other than their own. If they are windows clients, drop the firewall on a remote LAN device and see if you can ping it then.

Fundamentally, if

a LAN client at site A, has a DHCP IP allocated to it by the Peplink at Site A
if that client has its default gateway set to the LAN IP of the peplink at Site A
if inter vlan routing is enabled (if you have multiple vlans) and firewall rules are all as per factory defaults (allow any to any)
and you have the same configuration mirrored at Site B
and the two sites are using different subnets
and the lan device at site A can ping the peplink’s LAN IP at site B
and the lan device at site B can ping the peplink LAN IP at site A

Then VPN is working, traffic is being routed and the issue lies with the LAN devices themselves.

If it still doesn’t work, screenshot everything paste them here, or send them to me as a private message if you prefer and we’ll work it out.

bracurrie · June 11, 2020, 7:49am

You were quite correct that the device firewalls were the impediment. I am able to now reach and utilize non-firewalled clients.
One problem was that the PepVPN tunnels needed to age a bit. My anxiousness was also a problem.
Thank you Martin.