PEPVPN Master/Slave deterministic control


#1

Hi there.

It would be excellent to have a way to explicitly instruct which end of the tunnel is to ALWAYS act as initiator of the tunnel setup (a checkbox that says “Master” for example ?) so that we can easily determine which end will open the TCP session to the other and act as “tunnel master” for the setup procedure.

Many thanks,
Dana


#2

Hi,

The unit with “Remote IP Address” will consider an initiator (client). Please find the screen shot below:-


The unit without “Remote IP Address” will consider an Receiver (Server). Please find the screen shot below:-


Hope this help.


#3

I was thinking about this concept the other day. Since you’ve posted a nice screenshot here showing PepVPN set up, I’ll hijack the thread and post this here, although it’s certainly a related topic. I hope Dana doesn’t mind.
Is there ANY benefit whatsoever to entering remote IP addresses on BOTH ends? Doing so obviously means that an admin will always have to remember to change the address if EITHER side changes an ISP, where as if it is only entered on one device then changing the entered address would obviously only be needed if the device for which the address is entered changes ISPs. That’s one very minor drawback to entering remote IPs on both devices.
But is there ANY benefit to entering them on both ends? For example, I don’t know, maybe the connection is re-established a little quicker after a device reboot? I’m just trying to come up with a possible benefit. Maybe there is no benefit whatsoever to entering IPs on both ends, but I just wanted to pose the question.
Do most admins enter IPs on both ends, or just one end?


#4

Hi,

SpeedFusion relies on Tcp 32015 to establish the tunnel. By entering Remote IP at both end, you will having benefit if Tcp 32015 is blocked at server site (HQ).

Hope this help.