Routing for remote network over speedfusion

koumakan · January 25, 2013, 9:15am

Hi,

I have a Max 700 and a 380 connected with Speedfusion, i am behind the 380 and i am able to access the web interface of the Max700. I have devices connected behind the Max 700 i need to access them remotely.
I have add a port forwarding rule on the max 700 side for the ssh port to the remote device and also allowed all the incoming and outgoing traffic in both firewalls (security is not an issue for me) but i am not able to access the device. I am pretty sure its a routing problem cause even if i am able to ping and access the LAN web interface of Max700 over Speedfusion, i am not able to reach any other device in this network.

The traceroute stop at the 380 lan ip address and i dont know where to add a route in the 380 for remote network over speedfusion ?

I know i am missing something, plz help

Thanks

Tim_S · January 25, 2013, 9:28pm

Actually, you should be able to access the devices behind the MAX 700 with no problems.

If your main connectivity to the MAX 700 is via cellular, you may need to check with the carriers to see if you can get a static IP. They tend to block a lot of incoming connections, and you may already be NAT’d.

koumakan · January 26, 2013, 1:41am

Hi and thanks for the quick replay,

I am not sure to understand your point about the static address, those are more details about the connectivity:

The max700 is connected to the internet with four 3g USB dongles (load balancing), those addresses are not static (i asked the ISP and its not possible to have a static addresses with those dongles), but the IP address on the 380 side is static, and till now i have no problem setting the speedfusion, i just add the (380 static address in the speedfusion configuration max700 side).

What i don’t understand is why i am able to access the max700 and not the other devices they are in the same network, when i ping the max 700 interface i get

PING 192.168.0.1 (192.168.0.1) from 5.192.224.221 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_req=1 ttl=64 time=1507 ms
64 bytes from 192.168.0.1: icmp_req=2 ttl=64 time=1011 ms

— 192.168.0.1 ping statistics —
5 packets transmitted, 2 received, 0% packet loss, time 4013ms
rtt min/avg/max/mdev = 916.304/1101.657/1507.817/207.891 ms

When i ping a device in the same network 192.168.0.17 connected to the LAN port of the max 700 i got

PING 192.168.0.17 (192.168.0.17) from 5.192.224.221 56(84) bytes of data.

— 192.168.0.17 ping statistics —
5 packets transmitted, 0 received, 100% packet loss, time 3999ms

I tried to use the trouble shooting tools that are located in the max700 web interface (ping, trace-route ) to reach devices behind it and still no luck, is there a log file somewhere i can check to help me troubleshoot the problem and get more details about whats going on.

Is there a way to access the max 700 over ssh and from there open a connection to my device behind it ?

Thanks

Kurt_See · January 27, 2013, 4:37pm

Ummm this usually is the firewall rules but you mentioned you checked that… could you access device on Balance 380 LAN from behind MAX 700?

koumakan · January 27, 2013, 11:43pm

Hi,

Yes, that was my first idea so i checked the firewall on both side (max 700 & 380) and its all Default any any allow and i didn’t add any rule myself to the firewall to deny any kind of traffic. Then i start thinking about a routing problem cause i didn’t find any rule on the 380 side that specify the Max 700 192.168.0.1 IP address as a default gateway to the 192.168.0.0 network.

I also tried the port forwarding on the Max 700 side from 192.168.0.1:22 (Max 700) to 192.168.0.17:22 (device i need to connect to) but still no luck.

Unfortunately i am not able to try this cause i don’t have direct access to the device behind the Max 700. But i can tell you that the device behind the Max 700 have access to the internet over the USB dongles. One more think, i don’t have any firewall or any kind of other device in the network, in other words my network topology is the following : Me ----> 380 -----> Max700 -----> device

Is there a way to see the log file on the Max700 ?

thanks its really appreciated

Kurt_See · January 28, 2013, 10:31am

The routes are automatically advertised and exchanged over SpeedFusion. There is no need to manually specify MAX 700 as the default gateway for 192.168.0.0 unless there is a firewall/NAT router behind Peplink that hides some subnet from Peplink, but not in this case.

As long as SpeedFusion is established, Balance 380 will know to use SpeedFusion tunnel to find 192.168.0.0.

Let’s talk more about subnet - what is your Balance 380 LAN subnet? If we are using Layer 3 VPN, it must be different than 192.168.0.0. Also I believe we are on firmware 5.4.7, yes?

koumakan · January 28, 2013, 10:53am

Hi,

The problem is fixed, its was not related to a Speedfusion at all but to a connection problem on the Max 700 side, its not easy to figure out whats really going on a remote device.

I want to thank you all for the help provided.

Kurt_See · January 28, 2013, 11:16am

No problem. Glad it works.