The Peplink Balance UI is a constantly evolving entity. Firmware updates and/or hardware revisions have adjusted the interface on a number of occasions. To make sure that everyone is current on where feature locations are, let’s review the current UI more closely (after ensuring you’re on current firmware-current firmware at time of article is 7.1.0).
The Network tab has undergone a number of revisions as new features have been added or revised.
Under the WAN Option, you are able to see basic information regarding the internet connections being used, connection methods, and if the connection is in an always on or stand-by/backup group state. On the main WAN page, you can also enable IPv6 passthrough for testing using one WAN connection.
You can then select the particular WAN Connection Name to get into its settings page along with further detailed information about the WAN.
For the LAN Option, you can now setup VLANs, which allows you to setup multiple LAN subnets/DHCP information (if enabled) for your network and assign a VLAN Tag to that group.
You also setup Drop-In Mode under the LAN (for supported units). Drop-In Mode allows you to transparently bridge a WAN connection through to the LAN interface. Drop-In Mode is only applicable to one WAN connection.
For Port Settings, you can enable port-based VLANs by assigning a port to a particular VLAN tag and if the port is a Trunk (passing all VLANs) or Access (allows just one VLAN through).
On Enterprise class units, you can enable IEEE 802.3ad Link Aggregation as well as Jumbo Frame support.
SpeedFusion configuration is done under the VPN section in Network. SpeedFusion is Peplink’s proprietary VPN that you create between Peplink devices allowing for benefits such as WAN aggregation, WAN consistency, and seamless session failover with a WAN failure.
Peplink also officially supports IPsec VPN termination to Cisco OS, Juniper, or other Peplink Devices. This is configured under the IPsec VPN option.
Outbound Policy allows for granular routing rules that affect your LAN-to-Internet traffic via a variety of algorithms you apply to the session.
Inbound Access affects traffic routing the other way, WAN-to-Internet, by setting up rules for a particular traffic type being sent to a particular LAN client.
Compatible Balances can also act as the Authoritative DNS for your hosted services (email server, web server, etc), allowing you to setup the Domain information on the Peplink and tie multiple WAN interfaces to that domain, giving you better accessibility and uptime.
One-to-One NAT Mappings allow you to tie a Public IP from the WAN to a Private IP/LAN client and route all traffic to that client.
Peplink has the ability to setup a Captive Portal and applicable splash page for your LAN that can be customized with graphics, text, terms and conditions, etc. that a client has to view before accessing the internet. With Peplink supporting VLANs, you’ve the ability to setup and segment a guest network from essential network assets.
QoS/Quality of Service is applied a couple of ways in the Peplink device; first by IP. You designate an IP to one of three user groups (Manager, Staff and Guest) -
You then apply rules for Bandwidth availability (whether a percent of total available for the particular group or a cap for everyone in that group).
QoS can also be applied on the application/traffic level, allowing you to assign priority for either a number of built in categories or assign a custom port for non-standard applications.
The Balance can also act as a stateful packet inspection/SPI firewall for your network, allowing you to setup applicable allow/deny rules for traffic types inbound, outbound, or internal LAN-to-LAN/VPN traffic.
A big change to the Balance is the expansion of the Content filter. Originally just setup as a site blocker, the Content Filter now allows you to screen traffic types via a variety of categories. You can setup applicable whitelists for traffic/websites to bypass the filter as well as exempt applicable user groups/subnets.
The Balance supports OSPF & RIPv2 Dynamic Routing protocols -
The Balance can act as a Client VPN termination point supporting both L2TP and PPTP VPN connections (using a standard client - WIN/MAC/Mobile). Setup the applicable credentials in the Balance and the client who uses that for connectivity.
The Balance suppports High Availability deployments, allowing you to deploy two units in tandem in an Active/Passive state using VRRP. You can also manage certificates for VPN usage, access to the Balance along with the Captive Portal. Service Passthrough Support is enabled by default for ease of use out of the box. This overrides outbound policy rules and you can define non standard ports used for VOIP, FTP, and IPsec quickly and easily.
The Network Tab controls a lot of the day to day operations of your Peplink and allows you to take total control of your network easily.