Feature specifics - what is/are needed:
Support certificate based authentication in addition to the existing pre-shared key authentication for L2TP over IPsec remote user access VPN for security reason and for better user policy management.
Support assigning an IP address from a VLAN other than the untagged VLAN to L2TP over IPsec users.
Support reserving an IP address from a VLAN other than the untagged VLAN to L2TP over IPsec users.
Products that the feature to be developed on:
all Peplink products that support L2TP over IPsec.
Deployment specifics
Deployment: a Peplink Balance deployed at the headquarter connected to 40x remote tanker ships each equipped with a MAX BR1 IP55 by PepVPN. Remote users need to be able to connect to the Peplink Balance at the headquarter by L2TP over IPsec to access resources at the headquarter and on the tankers ships.
Application: Certificate based authentication would enhance security in a world where enterprise security breach is on the news everyday incurring massive financial and marketing demage. Assigning and reserving an IP address from a VLAN other than the untagged VLAN would allow for better user access management and enhance security.