Possible to have more than 1 public IP on fusionhub?

Is it possible to configure fusionhub with more than one public IP on the WAN interface?

None of the cellular ISP connected routers have public IPs, and I have an app that uses the same UDP port numbers (not relocatable) that I need running in more than one place behind the FusionHub.

Thanks,
Jim

Hi, FusionHub does not support multiple WAN IP addresses.

2 Likes

Thanks for the reply Kenny.

I have an application (Yaesu's Wires-X amateur radio VoIP app) that uses 6 hardcoded UDP ports for the "server" side of it, hence needing more than one public IP for mapping back to the originating devices. Since the ISPs don't like to give real public IPs, I've been using my fusionhub as my main gateway to the world for all my MAX routers.

I need a better solution now. Back to the drawing board.
jim

I support a bunch of RoIP services using a combination of Fusionhub and Opnsense VMs. I can recommend OPNsense for the firewall piece - you can use as many IPs as you need on that and forward to FusionHub LAN.

1 Like

Thanks Martin.

So basically, I'd set up an Opnsense VM as my "primary gateway" device for everything, with multiple unique public IPs on it? The Fusionhub VM would have its own public address as well outside the Opnsense, and all the peplink routers would pepvpn into the hub, and send all traffic via the tunnel? How would I tell the fusionhub to take that traffic and send it to the Opnsense for routing? I'm assuming I'd also want the Opnsense to handle all the NAT for me, right?

I'm at a transition point where (in August) I'll be setting up a new site with a new router, and operating it concurrently with the old sites for several months and slowly transition things from the old sites to the new site. But in the end, I'll have 4 routers, 3 of them attached via cellular, and the 4th via a fixed wireless provider most likely (still exploring providers at the new location), so whatever I build I would like it to handle the transition and the post-transition equally well.

Thanks,
Jim

  1. The FusionHub would have its own Public IP on its WAN interface, the remote Peplink devices would build tunnels to that IP. It would also have a LAN interface - a private segment between it and the opnsense vm.
  2. The Opnsense VM would have Public IPs on its WAN interface and then a private LAN interface in the same subnet as the Fusionhub LAN.
  3. The Fusionhub would have the 'send all traffic via LAN' option ticked with the OpnSense LAN IP as the next hop. Any traffic from the remote peers (be that traffic destined for the internet or for other peers over VPN) is sent via the Opnsense.
  4. The Opnsense has static routes for all the remote peplink peer subnets with the LAN IP of the Fusionhub as the next hop.
  5. Opnsense therefore acts as the perimeter firewall for port forwarding and outbound web filtering / routing as well as the inter site firewall.

We use this configuration regularly as part of our NetReach SD-WAN service offering. It's an extremely powerful combination of traditional routing and remote access capabilities found in Opnsense (OpenVPN, SSL & TINC VPN, traffic shaping, netflow etc) and the insanely powerful Speedfusion SD-WAN features.

But of course you could always use pfsense or NG firewall / Untangle too - whatever you prefer.

5 Likes
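An added example, not part of the post above and not Peplink or OPNsense tooling: a small consistency check for the layout in steps 1 to 5, run before entering it into either device. Every address, subnet and UDP port in `PLAN` is a constructed placeholder, and `check_plan` is a hypothetical helper name.

```python
import ipaddress as ip

# Constructed plan; every address, subnet and port below is a placeholder.
PLAN = {
    "transit": "10.99.0.0/29",        # private segment: FusionHub LAN <-> OPNsense LAN
    "fusionhub_lan": "10.99.0.2",
    "opnsense_lan": "10.99.0.1",      # next hop for "send all traffic via LAN"
    "opnsense_wan_ips": ["203.0.113.10", "203.0.113.11"],
    "app_udp_ports": [40000, 40001, 40002, 40003, 40004, 40005],  # placeholders
    # OPNsense static routes: remote peer subnet -> next hop
    "static_routes": {"192.168.50.0/24": "10.99.0.2", "192.168.60.0/24": "10.99.0.2"},
    # (public IP on OPNsense WAN, app host behind a remote Peplink)
    "port_forwards": [("203.0.113.10", "192.168.50.20"),
                      ("203.0.113.11", "192.168.60.20")],
}

def check_plan(plan):
    """Return a list of problems; an empty list means the plan is consistent."""
    problems = []
    transit = ip.ip_network(plan["transit"])
    for name in ("fusionhub_lan", "opnsense_lan"):
        if ip.ip_address(plan[name]) not in transit:
            problems.append(f"{name} {plan[name]} is outside transit {transit}")
    routes = {ip.ip_network(n): hop for n, hop in plan["static_routes"].items()}
    for net, hop in routes.items():
        if hop != plan["fusionhub_lan"]:
            problems.append(f"route {net} next hop {hop} is not the FusionHub LAN IP")
    seen = set()
    for pub, host in plan["port_forwards"]:
        if pub not in plan["opnsense_wan_ips"]:
            problems.append(f"{pub} is not configured on the OPNsense WAN")
        if not any(ip.ip_address(host) in net for net in routes):
            problems.append(f"{host} has no static route via FusionHub")
        # The app's ports are fixed, so each public IP can serve only one host.
        for port in plan["app_udp_ports"]:
            if (pub, port) in seen:
                problems.append(f"udp {pub}:{port} is forwarded to more than one host")
            seen.add((pub, port))
    return problems

if __name__ == "__main__":
    print(check_plan(PLAN) or "plan is consistent")
```

The duplicate check is the reason the thread needs one public IP per site: with fixed UDP ports, a second host behind the same public IP collides on every port.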

Martin,

That really helps a lot.

I think my thinking has been hampered by using Linode for so long. While they let you set up private addresses for direct server to server communications (at no extra cost for the IP or the traffic), they don't do it as a new interface, but as an alias on the WAN interface.

Deploying Fusionhub on Linode is sufficiently quirky that I've been considering switching for a while now.

Thank you,
Jim

Give Vultr a go. I manage loads of fusionhubs (my own and for other Peplink partners) on vultr in the US and across Europe and they have been great. Private networking just works and they are great value for money.

2 Likes

My fusionhub is the essential license (5 peers, 100Mbps max bandwidth). It looks like the $5/month plan (edit: on vultr, I forgot to put that part) meets the minimum specs for that installation (1CPU, 1GB RAM, 1000GB transfer, 25GB storage). Can you think of a good reason I would want to pick a higher plan for the fusionhub? I would hate to undersize it and regret it later.

Any recommendation for minimal size for the opnsense box?

Start with the $5/plan for both, upgrading it is easy if you discover you need to and just requires a plan change and reboot from the Vultr control panel.

1 Like

Martin, you've been extremely helpful.

I'm sorry that I had signed up at vultr before seeing your referral link, I would have used it.

Since so much of my network design that has built up piecemeal over the years is having to be touched/modified, I've taken the time to sit down and design something from scratch rather than just letting it morph like it has in the past. On top of that, I'm learning opnsense. While it's a descendant of m0n0wall, I've not used a packaged firewall system since a few years before m0n0wall stopped development, and pfsense was still very new software. lol Mostly I've used my peplinks and at work cisco firewalls.

The process is definitely taking a lot longer than "add a second IP", but I think this is building the foundation for a better (and arguably more secure) network long term.

Thanks again for everything,
Jim

1 Like

Hey Jim - glad it's all coming right. Opnsense is a bit of a beast to be honest, but it's well worth the effort.

Best of luck!

2 Likes

Is there any possibility that the roadmap might consider (near) future support for multiple IP addresses on the one WAN of a FusionHub instance? The use cases would be the same as for the Peplink hardware routers supporting multiple IP addresses, with the additional boon of virtualization.
Adding another component such as an OpnSense instance between the FusionHub instance and the world complicates the architecture and duplicates functionality - it is esthetically displeasing :) .

2 Likes

This feature is on roadmap but no ETA yet. This is not available in 8.0.1 firmware.

4 Likes

Adding a vote for this feature.

Adding a vote also for this feature.