Site to Site, Am I missing something?

curl3y · March 31, 2022, 8:22am

This is how we intended to use these, a Master unit at our office and 4g units in the field. When we need to access one of the the remote sites, we create the site to site on goodcloud, access the remote network (PC, PLC etc), when done, destroy the site to site connection as we don’t want a permanent connection.

I have made a site to site network using 2x GL-X300B,
One is connected via Lan to our main router (ip set as 192.168.1.200, used luci to disable dhcp), the other has 4G access and has a laptop attached via lan socket (router 192.168.2.1 and laptop 192.168.2.100)
I have successfully added them to a goodcloud account, and made the site to site network successfully.
I cannot access either network from either end, I can’t ping, ssh, vnc, smb anything?

Am I am missing something?

Thanks for you time.

alzhao · March 31, 2022, 9:55am

Have you added service in each node?

curl3y · March 31, 2022, 10:41am

Thanks for the reply. I apologise, I don’t quite follow. What service are you referring to?

alzhao · April 1, 2022, 1:40am

You need to set up which service, i.e. subnet you want to allow in each node.

clannad · April 1, 2022, 1:44am

Could you ping each node by tunnel ip?

curl3y · April 1, 2022, 7:36am

I have the settings on the screenshot attached. I can’t ping the nodes from each other.

Edit. I have been able to get to the admin console of 192.168.1.200 from a pc attached to 192.168.2.1. It will not work the other way. I cannot access anything else on the 192.168.1.0 range.

Leo · April 1, 2022, 9:22am

The main node, could you please enable the DHCP to try?
The site to site only support the IP address which last number is one.
You need to setup port forward.

curl3y · April 4, 2022, 8:58am

I have reset the main node to factory settings, made sure the DHCP is enabled (network and phone system chaos ensued as we already have a router doing this) and made sure it has an IP address ending in one (192.168.0.1). I cannot access network devices from the main node network to the remote node network. So I can only access the main node admin page from the remote, I cannot access any other network devices.

I had previously setup the port forwarding for the original address, I needed to do that to get the Node Usability Testing to pass and create the S2S network, so I ensured I changed those too.

Leo · April 6, 2022, 2:05am

Can you access the remote node admin page from the main node network?

curl3y · April 6, 2022, 6:55am

No, the web console wont load and I cannot ping the node either. I have tried 2 windows machines and a linux machine in case it was windows firewall. The remote end just has a windows 10 laptop and I can ping the main node and view the web console on it.

alzhao · April 6, 2022, 8:48am

Can you tell me what is the subnet of the upstream router of the two devices?

curl3y · April 6, 2022, 10:57am

I hope this diagram will answer that. We run all devices on a subnet mask of 255.255.0.0. The internal router we are using as a main node (192.168.0.1) is allocated to the DMZ in the Draytek router.

Leo · April 7, 2022, 2:18am

Could your connect the PC to GL-X300B(192.168.0.1), then try to access the remote node admin panel? As the diagram I show below.

curl3y · April 7, 2022, 6:56am

Thanks again to everyone for their help with this, this community is amazing.

Leo, I will try this, I am out of the office today and will try this tomorrow morning.

Would I need to configure the WAN port to be a LAN port? The GL-X300B is currently plugged into the Draytek using the LAN port.

Leo · April 7, 2022, 9:23am

Would I need to configure the WAN port to be a LAN port?
Yes.