Home/Support/Support Forum/Accessing devices inside Digi Network
Welcome to Digi Forum, where you can ask questions and receive answers from other members of the community.

Accessing devices inside Digi Network

0 votes
Scenario:
HQ has firewall and LAN IP segment of 192.168.90.x

Digi WR31 in the field has static WAN IP over cellular ( Verizon ) and LAN IP segment of 10.90.33.x Eth0 on Digi is 10.90.33.5

HQ and Digi are connected via an IPSec VPN Tunnel

Issue:
Once the tunnel is up, I can connect to the web interface of the Digi on 10.90.33.5 and can also ping that interface.

There is a switch connected to Eth0 and devices connected to that switch ( all are on the 10.90.33.x network )..... but... I can't ping any of those devices or connect to them from HQ.

If SSH into the Digi, I can ping them from inside the Digi, which tells me there is a config issue on the Digi.

Firewall is only enabled on the PPP1 interface.
asked Feb 24 in Digi TransPort Cellular by NorthGuard New to the Community (0 points)

Please log in or register to answer this question.

1 Answer

0 votes
If you can connect to the Digi via SSH it is going to be either your near end/far end subnets in the ipsec tunnel or a gateway issue in the far end device.

You can see this by tracing ICMP on the ethernet interface of the WR31 and seeing if you get a response.

A poor mans way of testing this is by turning on "eth 0 do_nat 2" and seeing if ping works to the end device. If that works it is 100% the end device gateway.

Nicholas Wilson
Your IoT
https://www.YourIoT.com.au
answered Mar 9 by NicholasYourIoT Veteran of the Digi Community (276 points)
...