Excuse me if this is not possible on the BR1 Mini as I have no experience with that device. I assume the features are similar to the Balance series. Could you not do this with one of the domain name to dynamic IP services? We use dyn.com to create a domain name. The Balance router provides an easy hook into the service, on the WAN setup page, see the boxes for Dynamic DNS.
We use this specifically for the L2TP VPN that is provided in the Balance. Remote users can connect to xxx.dyndns.org even though the Balance does not have an static external IP.
I may have misunderstood the question, so please ignore me if this is the case.
You may run into problems not with the Pepwave, but your mobile carrier. A lot of cellular carriers will not allow remote access if you don’t have a Static IP. This is because they are using NAT.
Generally, the carriers with static IP are more expensive and do allow remote access.
So I am trying to do the same thing, access devices behind the pepwave Max BR1 LTE on a boat that is traveling from country to country, changing network operators frequently. Is there any hope to be able to access the devices on this network remotely from my home computer and if so, step by step, can someone please give me the recipe or point me in the right direction. I’ve asked lots of “experts” and no one seems to be able to give me an answer. thanks!!!
Sure. Couple of options.
Assuming your home internet connection has a public IP, the easiest way to do this would be to buy another Peplink device and get the BR1 to create a PepVPN to it using whatever it currently has for connectivity.
Seen customers use BR1s, Max on the Gos and even Pepwave APs for this remote access bit.
Or you can host a fusionhub in the cloud (which gives you a static cloud hosted IP) , get your BR1 to create a PepVPN to that Fusionhub and then port forward from the FusionHubs virtual public IP to your remote BR1.
Do you have a Peplink device at home already perhaps - that would be the easiest way assuming you only want to manage a single remote device?
No I do not have a Peplink at home and I travel quite a bit so being able to do it from anywhere is good. So maybe the Fusionhub is the easiest way.
Btw, I think I do not need ultra speeds and I’m only using one cellular wan port anyway so fusion bonding does not seem to be something I would need? Just simple connection.
I looked at the Fusionhub website and it just makes my head spin since I am trying to do something really simple and the only things I can see are enterprise level multi fusion hub clouds. I’m sure it can be done but not sure where to look.
Do you know of any simple set up manual or you tube that will show me how to do it or can you talk me through it if you have time?
I went to look online at Fusionhub and it looks like I would have to pay $499 to get the fusionhub and then another $99 or $199 for the license key? or is there a service provider that has fusionhub running and I can use their service for something under $10/mo? or was there a free fusionhub license for personal use and then use something like upcloud or the like. I was looking at ip-no.org but then its not a true PepVPN but maybe accomplish the same thing with port forwarding all the devices to ports, but I am a complete newbie in this field so I really don’t quite know what I’m talking about yet… Thanks for your patience.
I will sell this kind of remote access for £29.95GBP/month which is good value. You’re unlikely to get it for your target $10/month price, but maybe other partners here can help.
If you want cheap:
Get yourself a Pepwave AP One AC mini.
Plug that into your home network.
Do PepVPN from your BR1 to it and now any device on wifi at home can route to the LAN devices on the BR1.
Set up a mobile VPN to your home using your current Router there.
Thank you Martin, your advice has been super helpful. I’m in Boston, USA. your scenario of using the pepwave AP One AC mini sounds like a good one. I will give that a try. If I understand correctly, your advice is that PepVPN between two PEPlink products is a lot better than some other method of getting into the devices on the boat. The only reason I ask is that often times I will be traveling but it sounds like I will need to travel with my Peplink AP One AC mini now if I need to get access:)
Also, Do I need to request a static IP address from my home ISP or not necessary with PepVPN?
No, I would suggest that whatever router you currently have will likely support remote ‘mobile worker VPN’ so you would just dial up to your current router and then be able to access the Boat LAN. It would look something like this:
Your Remote BR1 is connected via cellular but the ISP is using carrier grade NAT so you can’t remotely access the BR1 or devices on its LAN.
So we’re going to get the BR1 to make a VPN tunnel to your home (via whatever router you might have), if you have a dynamic public IP address at home then you need to use a dynamic DNS service so the BR1 can always find your home.
The BR1 then tries to make a PepVPN connection to your dynamic dns name
Your router (which is not a Peplink device) forwards the PepVPN traffic to your Peplink/Pepwave access point,
You then have a PepVPN between your BR1 and the Access point. Wifi clients connected to the access point will be able to access devices on the LAN of your remote BR1.
To let wired devices connect, you need to tell your router about the remote network using a static route, so that when any local LAN device tries to connect to the remote BR1 LAN devices that traffic is sent via the access point and over the PepVPN.
When you are on the road, you create a VPN to your router. Once connected you can then route traffic to the LAN of your remote BR1.
The alternative of course is to use a Peplink device at home as your internet router - then things get less complicated. Especially as you get free dynamic dns using Peplink’s cloud management app InControl2 as well as automated PepVPN configuration. IN the diagram below I am suggesting a Surf Soho.
Martin, you are amazing! thank you. I have bought the Pepwave AP One Mini on Amazon and will have it Thursday and try setting it up. Will let you know how it works or if I have any issues. Thanks so much. Larry
Hi Martin, thanks again for your help on this. I have ordered the AP and got a Dynamic DNS free on DNSDynamic. next issue I can see is setting up the VPN on my home network. I have the Verizon FIOS supplied quantum G1100 router which supports VPN as a passthrough they say. I have a Western Digital My Cloud NAS drive which I think might be able to do something like be a VPN server unless I could use the AP one Mini as the VPN? or did I need to get the router Surf Soho and just plug it into my Fios Router as some people on the web suggest is needed? Any thoughts on this? I’ll let you know after tomorrow on the PepVPN functionality working hopefully anyway.
You’ll be able to do site to site VPN between your BR1 and your home network with the AP One. Remote access to your home network is another element that is seperate from the site to site (unless you do option 2 above where the Surf Soho can do both site to site and remote user VPN).
I have PC’s I leave on 24/7 at home, so if it was me I’d use something like teamviewer to remotely dial in when needed, or I would run a virtual VPN server appliance as a VM on the PC that’s always on. Your G1100 has no inbuilt VPN functionality as far as I can see.
So you have the following options.
Send the AP back and buy a Surf Soho which can do the remote user and PepVPN bits (It has a max of 120Mbps throughput so keep that in mind if you are on a high speed fibre).
Upgrade your NAS to a Synology or similar that can also act as a VPN server.
Use a software VPN or remote access solution to a PC that is on your home LAN (Teamviewer, softether vpn etc)
Hi Martin, still waiting for the boat to call back (in transit right now) and i will give them my newly created DDNS. I have tried to follow your instructions:
as in 4 above, I used port forwarding rules to route UDP Any–>4500 and TCP Any–>32015 and made that same as incoming traffic into the Pep AP One Mini.
But in #6 above, I’m not sure how to set the static so that when someone tries to connect to something in the 192.168.50.x range that it goes thru the PepAP at 192.168.1.254?
Should I go to settings and change the 192.1.68.1.1 to 192.168.50.0 or .1? I’m just a bit lost on this part.
on the VPN, I upgraded my wife’s imacG5 to run high sierra (Mac OS X) and can run the VPN server (L2TP?) in.
Then when the boat calls, all i need them to do is enable PepVPN and put in my DDNS name and serial number of the Pep AP One Mini and we should be ok?
thanks,
Hi Martin, I thought I had done most everything right so its either a minor issue or I’ve got it completely bolluxed up. I’ve set up the DDNS and used that as the remote hostname. I set up the port forwarding and the routing, and set up the local and Remote ID’s including serial number. One weird thing is that while setting up the AP it said that it could not be set up with PepVPN if it was in bridging mode. so even though its behind my G1100 router, I set it to router with IP forwarding. But something is not working. I have taken screen shots of all but would prefer not to post them on the internet… any chance you might accept a dropbox link or a few pictures? I expect I just did something that can be easily fixed. Thanks! Larry
Sure. You can PM me a Dropbox link or just dump the photos in the PM too.
The AP has to be in router mode (so it has a WAN and LAN). The LAN can be anything you like, so long as its not the same as the remote BR1 or the local home network subnet.
Hi Martin, Thanks so much for all your help. It was fantastic to have such a knowledgeable resource as you helping me. I don’t know that I would have ever gotten there otherwise!! I can now work on the boat electronics from 2000 miles away and even navigate in real time from my bedroom! it works perfectly. Thanks again for all your help. Definitely recommend you to anyone! Best Regards, Larry
Thanks Larry, glad we could get you connected to your boat from home - that visibility of its location, with live heading / compass bearing and wind speed data is very cool!
