Can I get the FusionHUB WAN IP to forward all traffic to SFC Interface of Speedfusion client device?
Hi! I assume you need all traffic sent to the FusionHub’s WAN IP to be forwarded to a client connected to a different device - then this can be done a little differently:
- Configure a regular SpeedFusion tunnel between the FusionHub and the other Peplink device.
- On the FusionHub configure port forwarding to forward your needed traffic to the needed client. This can also be a rule to forward all TCP and UDP traffic to the client.
1 Like
Is there a way to forward ALL traffic from the Speedfusion HUB to the other Peplink Device? I don’t want to forward specific traffic to a specific device.
Essentially the Public IP that the Speedfusion HUB has – I want it to ALL go to the Peplink device, and then I can setup port forwarding like normal on the Peplink device to the appropriate client device inside the network.
Or if that is not possible, can the Speedfusion device simply get another Public IP that is available to the FusionHUB? Maybe a Layer2 bridge or something similar?
Not really, the only way to do this with a FusionHub is port forwarding. Like I mentioned, you can forward all TCP and UDP ports - thus all TCP and UDP traffic (unless the port is used by the FusionHub itself) will be forwarded to the Peplink peer device. On it you can also set up port forwarding, thus distributing the traffic to it’s clients.
Do you have any traffic which would have issues with this setup?
1 Like
Port forwarding would be fine; I only see the option to forward to a specific IP of a device BEHIND the peer peplink. I want to forward all the incoming traffic to the hubs WAN IP directly to the Peer Peplink device. How exactly do I forward all the traffic?
Regarding the alternative solution by assigning a data center public IP on the peer device, slides 16-20 on this presentation seem to indicate this can be done. It’s a bit more complicated than I was hoping, has anybody ever actually done this and can confirm it works? 2- HK Summit 2018 FusionHub – Deployment Architectures and Benefits - Google Slides
Clients connected via a site-to-site VPN are treated the same as LAN clients. You can make port forwarding rules to them.
Regarding the shared slides - I haven’t tested it, but it does look a little off. Though it assumes the FusionHub has more than one available public IP address.
Yes I used to do this all the time and it worked well for hosted FusionHubs in Vultr, letting me present the additional floating Public IPs you can add to a vm there on the LAN of the remote peplink so that connected firewall devices would get a public IP on their interface.
Today we do this differently acting as an enhanced ISP, with our own public IP ranges routed all the way through to the LAN devices.
Let me know if you need any help.