Reach thermostat on WIFI WAN 10.10.10.10 from the LAN

I have Wifi WAN connected to an AP that’s assigned the peplink 10.10.10.12. On that network at 10.10.10.10 is a thermostat I am trying to reach. I can ping it from the System->Ping menu of the BR1 but I cannot reach it from any LAN clients.

How do I do this?

I tried to add an outbound policy:
Source Any
Destination 10.10.10.10
Enforced WAN WIFI WAN

Traceroute to 10.10.10.10 shows it’s trying to go through 192.168.50.1 (peplink) but not getting anywhere past that.

traceroute to 10.10.10.12 (10.10.10.12), 30 hops max, 38 byte packets
1 10.10.10.12 (10.10.10.12) 1.504 ms 1.903 ms 1.630 ms
root@einstein:~# traceroute 10.10.10.10
traceroute to 10.10.10.10 (10.10.10.10), 30 hops max, 38 byte packets
1 192.168.50.1 (192.168.50.1) 1.195 ms 1.224 ms 1.312 ms
2 * * *
3 192.168.50.1 (192.168.50.1) 106.661 ms 112.052 ms 133.524 ms
4 * * *
5 192.168.50.1 (192.168.50.1) 213.333 ms 235.290 ms 227.970 ms
6 * *

Check that your wifi settings do not have LAN isolation turned on; it may be under a hidden ? icon.

I haven’t seen a setting like that. Where would it be?

Have you set up the wifi via ic2 or locally in the device?

I set it up locally on the web admin.

Are you on firmware 8.5? I’m seeing something with 8.5 where a device on a VLAN can’t talk to the router, when I have firewall rules + outbound policy in place. See Outbound Policy + Firewall + VLAN bug in firmware 8.5

Yes, I’ll try downgrading to 8.4, but I think my issue isn’t the same as theirs.

Rolling back to 8.4.1 worked, thank you!!! I was going crazy.

Interesting! Do you know more about your device?

My IOT device only communicates using UDP. I wonder if that’s relevant?

It’s a MAX BR1 HW3, LTE only, no 5G. I’ll probably upgrade to 5G now that I’ve proven this concept works. I changed literally no settings, just rolled the firmware back to 8.4.1, and I can access everything.

Now I have one more request: trying to reach the Starlink dishy on 192.168.100.1 from the local LAN. The peplink can ping it through System->Ping, but a LAN device cannot. I set an outbound policy for that IP the same as I did for the thermostat, but to no avail.

Just like this:

Well, after a while I stopped being able to reach 10.10.10.10 lol wth

I do see a MAC on 10.10.10.10 when I run support arp.