ePMP3000 - SM Traffic Isolation issue

Did you experiment this weird SM traffic isolation issue on epmp3000 ?
Same setup was all functional using epmp1000 AP.

A Residential customer is unable to connect via VPN on his business-site on the same AP.
SM traffic isolation is DISABLED.

Business-site is a Force200 in bridge mode and have a router behind.
We use a different VLAN at the business router to connect to our OSPF network.
Everything else works as usual.
The customer VPN is functioning normally when shutting the main business link and forcing their traffic via another OSPF path.

Same issue here. We sadly solved the issue installing another AP on the tower.

Hi, @alextargo!

Can your customer ping his business site host without vpn?
Did you try to use tcpdump to see what is going on there?
Another clue, could you try with NSS disabled on AP?

Thanks Andrii,

Ping is ok
VPN and traceroute are not.

How do you disable NSS-Offload on epmp3000 ?

e3k_cs>config set cambiumAccelerationEngine 3
e3k_cs>config commit

Also do it on SM if it is F300. There is ECM and it is something similar

thanks, we’ll let you know.

We also experienced the issue. But our setup was little different. Nevertheless we determined this was definitely caused by ePMP3000 AP. TCP and ICMP traffic easily passes, but there was some weird issue with UDP packets. In our case it was MSSQL database using UDP protocol, but I imagine it might be similar with VPN. We solved this by turning one SM to different AP…

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.