Help with outbound policy to limit bandwidth on 4G LTE SIM card connection

Hi guys, I have both a Peplink Soho and Balance 20X.

My backup WANs are a SIM card that plugs directly into the 20X and WiFi as WAN on the SOHO.

I was wondering if you guys can help me design the outbound policy to allow full Internet under the primary WAN and then limited Internet under the backup LAN to preserve bandwidth and data.

  1. Most important is a business web application that is located at a public IP address or domain name (whichever is easiest) that is over HTTPS, and therefore I want HTTPS persistence on the main WAN. If the main WAN goes down, I would like HTTPS persistence on the backup WAN, but I would like to reset the HTTPS connections when the primary WAN becomes available again to preserve data; it is OK if users need to log in again when primary WAN is restored.

  2. Under primary WAN I want all traffic going through primary WAN and no traffic going through backup cell phone WAN. If primary WAN goes out, I only want a whitelist of some domains to be accessible (like the business domain mentioned in #1 above and my VoIP phones (these are managed; I haven’t researched their traffic destination or whether they function primarily via outbound or inbound connection)).

  3. All other traffic should be blocked on backup WAN.

I know that SOHO and Balance 20X have different algorithms (SOHO is limited to priority and enforced) and I realize that the options in the 20X include leaving the backup WAN connected or only enabling the backup WAN when primary fails and that the rules can be built around this…

Can someone help guide me to achieve the outbound policies I want?