I would like to setup a config where I have 2 DSL connections providing Internet access to two different / independent LANs.
I have today a setup with Peplink 20 connected to the 2 DSL boxes and providing the “main router” function. Now I need to add another LAN, totally independent, not reachable by and not able to reach the current LAN.
What would be the best setup to achieve this?
I was hoping I could keep using the Peplink as my main router and add a second router to connect the second LAN to it, but then I have kind of double NAT and also, the machines behind that second router seem to be able to “see” the machines on the LAN ran by the Balance 20…
I could add a second router to isolate my personal LAN, but then both LANs would have double NAT to internet:-( and I’m not sure the capabilities of B20 would be fully used?
What would be the clean and “right” way of implementing this?
Our upcoming 6.1 firmware will allow you to define a 2nd LAN subnet on the Peplink itself. It is out in beta right now and should be public in the coming weeks…
Another good feature option is that the Balance 20 has two firmware banks so if the beta is causing issues you can easily revert back to the previous firmware. This can be found at System>Reboot. Otherwise the public release is forthcoming in the coming weeks and will be sure to announce it.
Okay, will try tomorrow.
I was wondering if there are more details available on the second subnet that can be defined? How is this going to work? Is this going to allow me to specify that LAN port #1 is e.g. on subnet 1 and LAN port #2, #3 and #4 are on subnet 2?
Also, when I looked at the 6.1 features list in the beta forum, I was not able to see what exactly corresponds to the second subnet capability? Is it VLAN on LAN?
Found that and guess that it could be the answer to my question above :
Not sure still, any way, that I know how I’ll be able to use the defined subnets if there is no VLAN per port type of thing (that I could not see on the above screenshots)? Sorry for the basic question:-(
Currently, the VLAN feature in firmware 6.1 is 802.1q VLAN trunking which turn the all LAN ports to trunk ports. In your situation, you have to connect to another layer 2 switch in order to decapsulate VLAN tag for you LAN host on different VLAN. BTW, I believe you want the feature of port based VLAN which you define different VLAN on different ports which we are considering it in future firmware.
okay, this is what I feared. Going back to the initial purpose (to have 2 different and independant LANs using the 2 WANs), what is the best way for me then? I don’t have a high end switch, but I have 2 ASUS N66U that maybe I could use for that purpose?
Since I’m a bit far away from my comfort zone:-), i’d like to check if I’m on the right track : Can I use the N66U as an AP + switch (not as router) and have it do VLAN tagging on a port basis (on the port that goes to the B20).
Is this making any sense? Would then the clients connected to this N66U be served an IP address from the second subnet on the B20?
Coming back to this. From Tim’s answer I had hoped I would have an easy and clean solution with my B20 and now I’m a bit “pending”… What is the time frame for upcoming firmware to do port based VLAN? Are we talking weeks or months or more?
Also, from the conversation above, I infer that port based VLAN is supported by the chipset and not yet by the software that should allow its activation…
Any chance that I can activate port based VLAN via a kinf of CLI or script?
Sounds very good.