I have a Balance 30 LTE-A I bought in 2017 for my business and just purchased a Balance 20x to connect to my business from home.
I set up PepVPN using both InControl2 as well as locally on each router. Both ways connections are established and maintained.
On the Balance 20x network I am able to connect to web traffic on devices at work as well as ping those devices. I cannot however establish VNC or AFP connections to those same devices.
From my works Balance 30 LTE-A network I cannot ping or access any device on the Balance 20x network. Not even the Balance 20x itself.
I’ve read about NAT causing problems so I disabled NAT everywhere that there is a tic box for NAT. Except in the WAN tab. When I set Routing Mode to IP Forwarding all local machines lose access to the internet AND the PepVPN status goes to perpetual Connecting status.
My LAN IP ranges are set:
Balance 30 LTE-A - 10.0.2.1/23
Balance 20x - 10.0.0.1/23
So I don’t think I should be seeing any IP conflicts.
Both systems are on Comcast lines if that matters any. Both Comcast modems are set to pass-through.
I’ve tried every iteration of PepVPN settings I can think of and I’ve tried everything I’ve read that can cause VPN issues.
Internal Network Firewall Rules and Local Service Firewall Rules are set to default ANY Allow.
Both machines are set to current release firmware. 8.1.2
Can anyone offer some insight?
The first thing to check is can you ping the LAN IP of the Balance 20 from the Balance 20X and vice versa. If you can then the tunnel is up and working as expected.
The next thing to check is at the Balance 30 side. Is the Balance 30 the only gateway for that network? Do devices on that network have the Balance 30 LAN IP set as their default gateway?
1 Like
Balance 30 will not ping balance 20X. Balance 20X pings Balance 30 just fine.
Yes, the Balance 30 the only gateway for that network. (Behind the Comcast modem of course. Which is set to bridged mode.)
Most are served the gateway by DHCP. Anything static does have the Balance 30 set up as the default gateway.
Then routing across the tunnel is broken… if you look at the vpn profile in Status > SpeedFusion on the Balance 30, what remote networks are shown in the ‘information’ column? Can you see the 10.0.2.1/23 subnet listed there as available at the other end of the VPN?
Also check the WAN IPs of the Balance 30. Maybe it has an IP conflict with the range on the B20x.
1 Like
So turns out the tunnel is fine. Other machines can traverse the tunnel. But one machine cannot. It simply cannot ping out to the other side. It is however accessible FROM the other side. I have a ticket open. Hopefully they can figure out why this one machine is giving me trouble
So it turns out for some reason the iMac computer I was having an issue with worked as expected after I added the remote IP range to the routing table:
sudo route -n add 10.0.0.0/23 10.0.2.1
10.0.0.0/23 being the other side of the VPN and 10.0.2.1 being the local Peplink router serving PepVPN.
I still haven’t figured out why this happened. Other than two default routes I don’t see anything strange on the netstat -rn outputs. (And the two defaults routes are a mystery as well.)
Hope this helps someone else. Support was great as well. Thanks.