Consultation on Migrating from FortiWAN to Peplink Architecture

A customer is migrating from a FortiWAN to a Peplink. The existing FortiWAN setup has a one-to-one mapping between ISPs (WANs) and LANs, with at least two such mappings. While routing is not necessary, the Peplink is expected to handle NAT for HTTP/HTTPS traffic. All other NAT functions are performed by the downstream firewall.

We are exploring two potential solutions:

  1. A Drop-IN architecture, but due to architectural constraints, this option seems impractical.
  2. IP-Passthrough, which we have not implemented before.

We would like to gather input on the best approach for this scenario.