Site to Site VPN routing


#1

I am having trouble figuring out how to route private IP addresses over a site-to-site VPN. I can set up and establish a connection, but I can not enter any routing information.

When I set up the VPN, do I need to put any private IP addresses in the Peer IP address/Host field?
Where do I enter the routing for the VPN?


#2

anyone, No Hints?


#3

Hello,

All static routes that you have created are dynamically exchanged when the speedfusion VPN is UP.
Dynamic routing protocols (like RIP or OSPF) are currently not supported on Peplink.

Regards,

HA


#4

I don’t use RIP or OSPF. If the peplinks have different subnets, how do enter the route over the VPN. It’s not clear and I have tried as many different ways as I could find to do it, but the peplink will not accept it.
If the LAN of one Peplink is 10.10.10.1 and the Lan of the other Peplink is 10.11.10.1 and they are connected through the site to site VPN which have different public IPs on their WAN ports, how do I tell 10.10.10.1 to use the VPN to get to the 10.11.10.0/24 subnet or IP address?


#5

You don’t have to - because Peplink does it automatically.

Once the VPN is up, Peplink should automatically use VPN to get to 10.11.10.0/24 - in any case VPN would be the only route that gets to 10.11.10.0/24, or is it not?


#6

I am not sure what you mean by VPN would be the only route that gets to 10.11.10.0/24.

I am trying to connect 2 private networks through the Peplink. I have it working with another VPN router, but I can not get it to work with the Peplink.

So here is basically what I am trying to do.
I have a server connected to the peplink. The Peplink LAN is 10.10.2.1 (peplink1). The Servers IP is 10.10.2.2 (server1).
I have another location with a peplink 380 that has 3 modems connected. It has a server attached to the LAN of the Peplink. The Peplink LAN is 10.11.2.1 (peplink2). The server IP is 10.11.2.2 (server2).

I am trying to get server1 and server2 to communicate over the VPN. I add the following route to server1: 10.11.0.0/16 gateway 10.10.2.1, I do the same in server2. I still can’t get the 2 servers to communicate.
What am I doing wrong?


#7

Hi Elton,

If the VPN is up and both servers are pointing to their local Balance for the remote destination network, you should have communication between them. Routing through the VPN is automatic. Is it possible you have the Balance firewall blocking this traffic with the default inbound access rule set to deny?


#8

I found that you need to setup “allow” rules on both ends to allow traffic from each others subnets. I did not have to do anything with gateways.

So, on the 10.10.10.0 subnet allow 10.11.10.0 and on the 10.11.10.0 subnet allow 10.10.10.0.


#9


This is a shot of one of the rules allowing from another VPN to the LAN


#10

You are doing everything right, Elton. That is all we need to have your 2 servers, each on a different Peplink LAN network, to talk to each other.

And what Robert points out could be the missing piece - firewall rule. One quick thing to try is to turn the firewall default rule to ALLOW ALL and see if the servers can find each other. If so, then we have our answer. Thanks.


#11

If you’ve got multiple computers or numerous devices connected to your network, and want for them to be routed through your VPN servers, you will opt to setup a VPN affiliation on your actual router. By doing therefore there ought no to tack together each device severally, as your router can mechanically connect all devices to our service. This can be particularly helpful for connecting devices with no inbuilt VPN support.

View More Details About VPN Router