Balance 20 and VPN's


Forgive me if this is a very newb question and has been answered already… I did spend some time going through the past posts, but gave up after the 8th page… and a search didn’t help me much.

Here’s my question/problem…

We have a Peplink Balance 20, two DSL lines and a server running Windows Server 2003 (old, I know, but it’s what we got…)

Everything works pretty good, no major headaches. However, somebody (read ‘the boss’) wants to access the server from home so I figure, no problem – VPN…

My understanding is that the Peplink Balance 20 doesn’t have a built in VPN server, so I have configured the VPN server on our Windows server. This seems to work okay because I can attach to the server with the VPN connection, internally, if I type the servers address directly (ie.

I have set up the port forwarding on the WAN2 (the line that he is going to try to attach to) as follows;
[TABLE=“width: 100%”]
[TR=“class: tablecontent2”]
WAN2: Interface IP

[TR=“class: tablecontent2”]
WAN2: Interface IP

Is there something else that I need to set up on the Balance 20?

Is there a ‘guide’ somewhere for doing this?

Thanks in advance!




Actually the Balance 20 does have a built in PPTP Server along with IPSeC VPN. Otherwise It does look like that you did have the correct rules/protocols setup. There is a KB article that does explain offer configuration for “PPTP Passthrough”.


Thanks for the quick reply!

The VPN server for the Balance 20 is a relatively new thing, right?

We’re running an older version (5.3.8 build 1166). We run our VOIP through this. Everything is working fine right now, so I’d rather not upgrade the firmware if I can avoid it – the old “you don’t pick up a sleeping baby” rational.

I’ll give that article a read report back:)

Thanks again!!




That is a great rational! Okay, well if you ever do want to upgrade and utilize the balances PPTP Server/IPSeC/PepVPN and other features. The firmware can be found below. Just let us know how things are after the article and we can surely pick this up again and dig a little deeper if the issue is unresolved. Normally it is simply defining the Server on the balance and then setting up a port forward to the already mentioned (IP47, TCP1723) Then selecting the server that you defined in the balance that is on the LAN side. Win Server 2003 I believe.


I have downloaded the upgrade… I’ll upgrade if I can’t get this to work…

You mentioned one thing here – I have to ‘define the Server on the balance’… That doesn’t sound like something I’ve done.




Sorry for the confusion. That article I did send was for a little bit higher higher balance. But it is relatively the same setup. Since you have a balance 20. When your doing the port forwarding rule you will notice the Server IP Address at the bottom. That will just be the IP of the server that will be doing the PPTP termination that you will define. I believe that it is required anyways to actually create this rule and you may have done this already. Hopefully I have cleared up the confusion there.


Still not getting much luck here:(

Is it posible that there is something with the DHCP? I’m using the Peplink to assing IP addresses, so if it passes the request through to the server, how does the remote pc get a new IP address?



Hi Greg, I recommend to upgrade to 5.4.9 firmware so you can use the built-in PPTP server on the Balance.

The Balance has two firmware banks, so if something doesn’t work you can easily switch back to 5.3.8


The Balance will still hand out the IP’s to the remote client even if it is sending the request through to the inside pptp server. I will agree with Tim here and second the upgrading to 5.4.9 firmware and using the Peplink as the PPTP Server, this will add simplicity to your current network setup and you will get to enjoy the new firmware features/improvements.


Okay… so the consensus is to upgrade the firmware. I’m going to do that.

Will this wipe out all my configurations and rules and such?



After upgrading to the newest firmware all of your rules/configuration will remain the same. It is always a good idea to back up a config also. The Balance 20 as Tim mentioned does have 2 firmware banks so you can always rollback to the previous version by going to System>Reboot: Then choosing the applicable Firmware 1 or 2 then reboot.



No this will not wipe out the configs at all. As Tim mentioned the Balance also contains two firmware banks so if you ever wanted to roll back you can go to System>Reboot and choose the previous firmware version that you were running.


Thanks for all the help. The update went okay – nothing fell apart, which is good, and the VPN server seems to work. I can attach to the VPN from my desk and it asks for the login and all that. Unfortunately, the person I have been trying to set this up for is still having troubles. My guess is that this is an operator error, now, though:)

I’ll take his laptop home tonight and see if I can get it to work…

Again, thanks for your help!! I really appreciate it!



Hello Greg sorry for the late response, No this will not wipe out the current config but it is always a good idea to back up the current config.