Reach Incontrol2 servers without a DNS server in a private APN

We are integrating the access to Incontrol2 using a Private APN using a MAX-BR1 just with 1 cellular SIM without another WAN.

At this moment we already opened the IP and ports at the Firewall but the Peplink Routers cannot reach to the Incontrol2 servers.

Regarding the firewall, is not possible to use a host name; maybe this is the problem that the Router is trying to resolve a DNS address but the APN is not solving or providing the Incontrol2 IP address which the Router should send the control data.

We have tried putting the IP 54.201.63.99 in the option “Privately host Incontrol2” but it doesn´t work.

**Could you help how can we solve this?

Is it possible to reach the Incontrol2 servers without a DNS server in a private APN?**

Aready open:

IP addresses:
54.213.17.185
54.218.62.163
54.201.63.99
54.69.133.25
54.174.153.41
54.174.232.241
54.169.188.216
54.169.190.249

Ports:
UDP Port: 5246
TCP Port: 443

Not possible to define in the firewall:

Hosts:
ac1.peplink.com
ac2.peplink.com
ac1-1.peplink.com
ac1-2.peplink.com
ac2-1.peplink.com
ac2-2.peplink.com
ra1-1.peplink.com
ra1-2.peplink.com

It’s alright to define the firewall rules in IP addresses instead of host names. The IP addresses and port numbers are correct. If the routers do not appear online on IC2, that means the firewall “allow” rules are still not yet in effective.

No, you should not enable “Privately Host InControl” option. The default setting is already good.

I’d suggest to also allow outgoing ICMP ECHO to those IP addresses. If the rules are in effective, you should be able to ping from the routers to the IP addresses. So you could verify if the rules are in place or not.

Hope it helps.

1 Like