Teltonika TBR140 to FusionHub via IPSEC

Hi!
for a new IoT project we need to connect existing customer Teltonika TBR140 routers with a SFE through a FusionHub with public IP using IPSEC (for the TBR140).

Anyone didi this or can advice for to setup IPSEC on both FusionHub and the TBR140?

Thanks,
-J

Really?? No one can help?

Hi Jamo - where are you stuck?

Hi Martin,
it is difficult to understand how to use the TBR140 using standard SIM cards without static public IP or DynDNS. The main issue is the local and remote identifier that should be an IP or FQDN. I used just a private hostname e.g. likeabird.fusionhub as local id and likeabird.tbr140 as remote id. I was able to connect between the TBR140 and FusionHub, however other PepVPNs was dropped.
The Fusionhub has a WAN 10.0.0.0 subnet and a LAN subnet 10.0.1.0.

What is missing is a Fusionhub IPsec examples using the Fusionhub and a non static IP remote LTE router.

Deactivating the IPsec profile, reboot of Fusionhub brings the PepVPN tunnels back online. As soon the IPsec profile will be activated, IPsec tunnels goes online but the PepVPN tunnels are dropped. It retries all the time without success. Under Dashboard → PepVPN Status (show all profiles) shows WAN - not available - link status Detecting Link Status
Is there may be a UDP port 4500 conflict between the IPsec and PepVPN?

Seems working now. In the Fusionhub I changed in the PepVPN profile the Data Port from Default to Custom 4501. As I didn’t open the port 4501 on the cloud firewall, the 4501 is just going out from FusionHub to the remote MAX peers? Is there a connection flow diagram that explains how PepVPN establish the connections?

Now the problem is to communicate between the IPsec remote devices behind the TBR140 and the various MAX devices. Any advices?

Yes. IPSEC hogs 4500 so as you discovered PepVPN/Speedfusion then moves to 4501. If you add subtunnels SpeedFusion will then count upwards from its starting point too (so 4501,2502 etc).

You’ll need to tell the Fusionhub what LAN networks are available over the IPSEC tunnel on the LAN of the TBR140 and vice versa so that each appliance knows what to route where.

Hi Martin,
I was able to connect between the FH LAN and the TBR140. However I’m not able to combine PepVPN peers with the IPsec. I attached the scenario and some FH screenshots.
The Drone Mission Planner shall communicate with both the MAX and TBR140 equipment drones.