I am having a rather specific problem with SpeedFusion VPN.
On one side I have 580 with 3wan links and on the other 380 with 2 wan links.
I am able to establish a SpeedFusion tunnel and from 580 side I am able to see hosth behind 380 but not vice versa.
From 380 I can’t see anything behind 580 or 580 itself.
I checked firewall and it’s all all allow on both devices and no static routes assigned.
Also if I establish a Layer 2 VPN via SpeedFusion all works good .
Only when I setup L3 VPN I am having theses problems.
Please help.
I was pinging from a host behind 380, which is the communication I need in this scenario.
Just tried it from 380 using speedfusion and it works. Pings are working with 580 and hosts behind it.
What can be blocking it on LAN side of 380? There are no firewalls in the equation.
When pinging from LAN side of 380 I get destination host unreachable.
dafault gateway on 380 LAN side is the 380 ip.
580 side 192.168.1.243 LAN address, and it is the gateway and DNS for LAN hosts
380 side 192.168.2.243 LAN address, and it is the gateway and DNS for LAN hosts
yes on the 580 side none of the WAN ip’s are in 192.168.1.x on they are 192.168.0.x, 192.168.12.x and 192.168.13.x
on the 380 side WAN ip’s are in ranges of 192.168.10.x and 192.168.11.x
Thank you for all of the information that you have provided thus far. To better resolve this issue I would recommend creating a support ticket here: http://cs.peplink.com/contact/support/. Once created a technical support member will be able to take a closer look at the issue.
wan1 cable modem/router with static ip with NATed peplink in DMZ 10/1mbit
wan2 adsl router with dynamic ip and NATed peplink in DMZ 10/1mbit
wan3 wimax router with dynamic ip and NATed peplink in DMZ 5/2mbit
380 side
wan1 wiomax router with dynamic ip and NATed peplink in DMZ 5/2mbit
wan2 wimax router with dynamic ip and NATed peplink in DMZ 5/2mbit
no firewals are in place at the moment this is for demo and test.
also i was using links from knowledge base as a guide. I have opened a ticket.
I also noticed while troubleshooting that when i use iphone app to check the routers on 580 speedfusion i can see all the networks form 380 lan and wan and can access them
but on 380 side all i see in networks list is 192.168.1.137/32 and 192.168.138/32 from 580 side??!
it looks like 580 is advertising routes incorrectly via vpn.
After some more troubleshooting I was able to fix the problem and want to post it for the community.
After looking closely at all the settings I noticed I have wrong subnet mask on 580 LAN side.
It was 192.168.1.0/16 and since I changed it to /24 all problems went away and it works perfectly.
The 380 side was 192.168.2.0/24 and it was creating/advertising a weird routes and no connectivity from 380 side LAN.
It was left after Layer 2 VPN test and I didn’t correct it.
Thanks for the quick response.