Port forwarding FusionHub to existing router when using drop-in mode


#1

Hi everyone,

I’m having issues doing port forwarding from FusionHub when using drop in mode and was wondering how to set this up or if it’s possible. There’s 2 scenarios, both using a cable modem with 1 Static IP 99.99.99.3, with LTE for WAN2 creating a PepVPN to FusionHub with public IP 64.137.10.10. There’s an existing customer firewall with LAN 192.168.1.1 and then for example there’s 2 servers, a web server on port 80 at 192.168.1.50 and a FTP server on port 21 at 192.168.1.60. What I’m trying to do is access these servers via FusionHub’s public IP address, so if WAN1 goes down they can still be accessed over WAN2 through PepVPN. It works using NAT but not sure how to set it up with drop in mode.

First is just NAT with no drop in mode:

Here the existing router of course has port forwarding set up to forward port 80 to 192.168.1.50 and port 21 to 192.168.1.60. In FusionHub I then set port forwarding for TCP port 80 and 21 on WAN connection on 64.137.10.10 (Interface IP) and set the Server IP Address to the WAN of the customer existing router, so 192.168.50.10 in this case. There’s nothing on the Peplink that needs to be changed, as it works when the ports are only opened on FusionHub.

This works fine, as if I access 64.137.10.10 in a browser I’m taken to the web server on 192.168.1.50 and same with FTP on port 21 it takes me to the FTP server at 192.168.1.60.

Second is with drop-in mode, sharing 1 IP and where I’m suck:

Same scenario here, but using drop-in mode on the Peplink, with shared IP address being the cable 99.99.99.3 IP, which is currently configured as well on the WAN port on the existing router.

I’m just not having any luck figuring out how to port forward from FusionHub to the web and FTP server when using drop in mode as I don’t know what device IP I’d put as the Server IP Address or if I need to configure port forwarding on the on prem Peplink device in addition to FusionHub or what not. Thanks so much.


#2

@liammonroe
The cable modem also assigned with 99.99.99.3 ? or it’s typo problem for the IP ?

For you question “port forward from FusionHub”, this is more to the design for the routing involved.

  1. Do FusionHub end see the routing 99.99.99.3 distributed by the drop in mode device ?
  2. Do the firewall support inbound connection direct to 192.168.1.x ?

#3

In this example it’s a cable modem with a /30 so just 1 public IP with the example being 99.99.99.3, so the Peplink would be sharing the IP address. But I think the example would be similar if the Peplink was 99.99.99.4 and the CPE 99.99.99.3 or whatever. It’s just a made up IP for example.

I’m not sure the answer to your first question or what that means, but for the second one yes the firewall has port forwarding enabled to forward ports from the WAN interface to the various LAN IP’s like 192.168.1.50 for the web server.

In the first example when using NAT it works fine. I set up port forwarding on FusionHub for FusionHub’s WAN interface, and port forward to the CPE 192.168.1.1. It’s just when using drop in mode it doesn’t seem possible, since the CPE is assigned the cable modem’s public IP. I tried doing FusionHub port forwarding from WAN to IP 99.99.99.3 which worked, until I disconnected the cable modem and failed over to LTE, then inbound connectivity stopped.