Port forward and static route with pep wave


i have a pepwave in remote location with 2 device connected via ethernet. For some reason they are disconnected from ethernet, only way to recover them is to connect to their hotspots.

i connected to one of the hotspot (said) via wifi-wan successfully, setup port forwarding but it didn’t work

  • when i try to add static route (with subnet of my device ) it says gateway is not in local network

all i want is from my laptop i want to ssh into 2 of my devices which are exposing hotspot that pep wave can see and connect via wifi-wan

can anyone help me.

might need a quick diagram with IP addressing to help here as I can’t help as I’m not sure whats connected to what…

Where is your laptop? How is the Pepwave connected to the internet?

i have 2 hotspots in remote location which are not connected to peplink, i want to establish wifi wan connection between them one at a time and ssh into them from my laptop.
hope this gives an idea.

small correction you can ignore , it’s ethernet port ip.

OK got it. So if that transit is connected via cellular, and the port forwarding you mentioned is from cellular WAN to the IP of the hotspot on the wifi WAN then the likely problem is that mobile network providers use CGNAT which blocks inbound connections so port forwarding doesn’t work. YOu could verify that by doing a port forward to the LAN IP o fthe MAX Transit itself and see if that works or not. If not - its likley CGNAT.

If port forwarding is working to get to the IPs of the hotspots when the wifi wan connection is not ‘green’ on the dashboard you’ll need to create an ‘enforced’ outbound policy with a destination of the hotspot IP and a source of any, with the wifi WAN connection set as the route.

i tried port forwarding which didn’t work for me, is it because wifi-wan is in standby mode ?
you were saying it should be in green. but if wifi-wan is active do i not loose connectivity.

Also is there any way i can see logs if my ssh command from laptop hitting peplink.

it could be (could also be the CGNAT issue), but also no traffic will be sent via a wan port that is in standby priority unless an enforced outbound policy is used.

yes create a firewall rule for port you are using for the ssh traffic ( eg 2222) set to allow and enable logging.