The recommendation of CA is to only use a hub-to-hub tunnel when it is necessary to traverse networks (e.g. across the internet or firewalls).
If local, port-48002-based communication is available on the network, do not use a tunnel unless absolutely necessary (e.g. for encryption purposes).
If it is necessary to use a tunnel in such an environment, you will have better success if you block the local communication path (port 48002) in both ways to ensure that the hub doesn't try to bypass the tunnel.