The firmware 6.2.1 user manual says that port 32015 is used with SpeedFusion. Quoting:
“Peplink proprietary SpeedFusion uses TCP port 32015 and UDP port 4500 for establishing VPN connections.”
I am using PepVPN, but my Balance 20 doesn’t support SpeedFusion, at least I don’t see it in the web UI where the manual says it should be.
The manual also describes the Data Port field for PepVPN as a UDP port number used for outgoing VPN data. But here too, it does not seem to apply. I detected the port being open using TCP from the outside, which means incoming data.
Quoting the user manual on Data Port: “This field is used to specify a UDP port number for transporting outgoing VPN data. If Default is selected, UDP port 4500 will be used. Port 32015 will be used if the remote unit uses Firmware prior to version 5.4 or if port 4500 is unavailable.”
The PepVPN connection in the Balance 20 is to a Surf SOHO running firmware 6.2.0, so we are not dealing with firmware prior to version 5.4.
And the web UI help says: “This field specifies the outgoing UDP port number for transporting VPN data. If Default is selected, port 4500 will be used by default. Port 32015 will be used if the remote unit’s firmware version is prior to 5.4 or the port 4500 is unavailable for use.”
If the documentation is correct, the Balance 20 should not have port 32015 open to accept incoming TCP connections.
What concerns me about this port being open is that it advertises certain information that could be used by a hacker to build his intelligence about my network. For example, on my Balance 380 a whole bunch of info is world accessible, so now a potential hacker has the LAN and WAN address, subnets, status, etc. Is there some way this can be blocked without breaking SpeedFusion?
Please configure a PSK for SpeedFusion (Network > SpeedFusion > Select SpeedFusion profile > Remote ID / Pre-shared Key > enter the pre-shared key on both SpeedFusion peers). This will help in your situation.
I can get this info from the wan side. I would be less concerned if it was only on the LAN side.
I’m on the latest v5 firmware since these are out-of-warranty devices. Now that v6 is available without a warranty, I’ll upgrade to 6.2 and report back with my findings. This will take me a while because I’m out of the office for the next week.
I upgraded to firmware 6.2.2 and it looks like I can no longer grab internal LAN info by issuing the expect command. I’ll keep exploring this for a while, but thanks for the advice so far, which seems to have worked.