Speedfusion behind NAT issue

C1st · September 4, 2023, 1:49pm

Hi, please see the following diagram…

There is an established SpeedFusion link between the BR1 and the BR1 Mini. In a nutshell I want the two laptops to be able to see one another. At the moment, the Windows laptop can ping the Macbook but the Macbook cannot ping the Windows laptop.

In Status>OSPF & RIPv2 on the BR1 shows Area 0.0.0.0 and Remote Network 192.168.50.0/24. On the BR1 Mini this shows Area 192.168.88.0/24 (should be 192.168.60.0/24) so I think this is where the issue lies.

What is the best way to fix this so traffic can flow between the two devices in both directions?

Jonathan_Pitts · September 4, 2023, 3:23pm

It looks like you have it setup right, do you have windows firewall turned on that could be blocking it?

C1st · September 4, 2023, 3:57pm

Hi, no there is nothing blocking it on the client side (eg. the BR1 can successfully ping the Windows machine over the LAN).

Basically as it stands…

Any client on the BR1 LAN (192.168.60.0) can access anything on the BR1 Mini LAN (192.168.50.0), this is good
No client on the BR1 Mini LAN (192.168.50.0) can access anything on the BR1 LAN (192.168.60.0), this needs fixing
Any client on the BR1 Mini LAN (192.168.50.0) can access anything on the Draytek LAN (192.168.88.0), this is unexpected/wrong

C1st · September 5, 2023, 9:21am

I tried using InControl to configure the tunnel, the correct route is now showing and everything works.

I can’t see anything different in the setup though. It would be good to know how I could have achieved this with the tunnel set up manually.

Noah_Helterbrand · September 5, 2023, 1:53pm

The Draytek is an upstream route, this is an expected behavior with sending all traffic on the BR1 Mini side.

Check your routes in the speedfusion status page, not the OSPF page. You may need to set an outbound policy to 192.16.50.0/24 enforced to your speedfusion tunnel on the BR1 Mini network.

And then check firewalls of course.