SpeedFusion Connect blocked by corporate network

avic · September 11, 2024, 5:58pm

So after figuring out how to route only my wife’s laptop to go via SpeedFusion Connect, it seems that her corporate network blocks the SpeedFusion datacenter as a “forbidden” VPN

I am not sure exactly what is blocked, but at least the Single Sign On (SSO) via Okta.

is there a way to configure my Peplink B One router to bypass SpeedFusion for only the “stuff” that is blocked?

or vice versa, only pass to SpeedFusion critical services such as Teams/Zoom/VOIP soft phone, etc.

the B One does not seem to have the ability to route by application via the advanced outbound policy that I can link to her MAC address.

it seem to only be able to route “by application” but for the entire LAN via the “SpeedFusion Connect” page.

I believe that what I need is “By Application” AND “MAC Address” as the “Source”, not either/or

avic · September 11, 2024, 6:47pm

so apparently, SpeedFusion Connect was set to Auto, which supposed to pick lowest latency, usually Los Angeles, sometimes San Fransisco.

but, her corporate IT sees United Arab Emirates???

which is why they blocked it…

I configured SFC away from auto and using LAX/SFO/SJC as “priority”

but, I would still like to know if there is any way for me to configure both “By Application” AND MAC (or suggest it as a “feature”?)

also, I would like to know how can I see which datacenter did SpeedFusion Connect is using?

avic · September 12, 2024, 11:19pm

Figured it out.

there was no actual connection from UAE

the GeoIP for that IP was wrong.

took a while to trace, 181.0.0.0 block is assigned by LACNIC

but 181.214.0.0 has a whois of Korea, yet assigned by RIPE with GeoIP of UAE

and yet 181.215.247.0/24 is leased by IPXO to the highvelocity data center at One Wilshire in Los Angeles which is where Peplink SpeedFusion Hub is colocated…

I put in a request to update the GeoIP.