Subnet users can not go to internet

Hi, Peplink guys,

We found subnet users can not go to internet and another problem is for the inter-vlan routing configuration, please help.

We are using build up an Peplink HA infrastructure, as the attached captured.

Our Peplink hardware :

Peplink model = Peplink 1350
Firmware = 8.0.2 ( we also tried version 8.0.1 )

LAN configuations in Peplink :

  1. LAN interface configuration is attached
  2. All VLAN configurations in Peplink…… are configured inter-vlan routing
  3. Firewall configuration in Peplink : all are defaullt setting

We found the inter-vlan routing failed as the attached ping test ( but ping test are successful for individual vlan ).

Ping test:

  1. From LAN (untagged VLan 888: 10.10.23.242 ) → 10.10.23.245 (router interface) OK
  2. From LAN (tagged VLan 200 : 10.61.200.253 ) → 10.61.200.254 (router interface) OK
  3. From LAN (untagged Vlan888: 10.10.23.242) —> 10.61.200.254 ( router interface ) failure

Any suggestion, thx.

With regards
Benson LE!

Only WAN3 shows an IP address in the diagram. Are there other active WANs in the 1350? Is the 1350 configured for drop-in mode with another WAN or is it configured as NAT mode?

1 Like

Hi, RON_case,

Thanks so much for your quick response. We deploy NAT mode for Peplink HA infrastructure.

WAN1 & WAN2 are the internet lines while WAN3 is private line…PepVPN is working properly…

Just strange for the Internet access for subnet users ( Subnet users’ default gateway is SRX345, not Peplink LAN; while SRX345 points to Peplink with default route 0.0.0.0/0 )

For internet access, “outbound policy” is default

As captured below: the interface reth1.888 blocked all traffic ( we can not verify if the Peplink or SRX345 issue ):

Session ID: 1364, Policy name: Internal-to-Internal/4, State: Active, Timeout: 18, Valid
In: 10.61.8.139/49568 → 149.154.167.91/80;tcp, Conn Tag: 0x0, If: reth2.8, Pkts: 2, Bytes: 104,
Out: 149.154.167.91/80 → 10.61.8.139/49568;tcp, Conn Tag: 0x0, If: reth1.888, Pkts: 0, Bytes: 0,

Session ID: 1618, Policy name: Internal-to-Internal/4, State: Active, Timeout: 4, Valid
In: 10.61.7.155/62259 → 13.94.40.40/443;tcp, Conn Tag: 0x0, If: reth2.7, Pkts: 5, Bytes: 260,
Out: 13.94.40.40/443 → 10.61.7.155/62259;tcp, Conn Tag: 0x0, If: reth1.888, Pkts: 0, Bytes: 0,

With many thanks in advance.