Inbound OpenVPN


#1

I am new here and exploring the option to use the Balance 380 for my organization. I searched and was not rewarded with any useful information as to how i might implement Open VPN from inbound clients over multiple WANs. I see that people have been asking for hardware support for Open VPN (or software running on the balance hardware) for 5 years or more with no support, which leave me with a LAN based server. Is there a PDF write up of how to set this up with multiple WANs and the DNS fail-over feature?


#2

Please refer to the forum post below :slight_smile: :


#3

Thank you. I have seen that posting, but it does not help much (and it is full of errors), nor does this posting.

I don’t think it is very complicated. It just needs to be explained how the Peplink Balance and the various LAN servers handle the static IPs assigned by two or more different ISPs. It should be discussed how and if non-public IPS (192.168.x.x) might be needed behind load balancing NAT of the Peplink Balance.

It is unclear to me if it works with OpenVPN at all.

The office arrangement is part of a DNS system at all presently, so there is no name to resolve to IP from WAN1, WAN2, WAN3 right now. The domain web servers and main records are being hosted on AWS, so i do not need to balance them. It is these development servers that i need to get to via OpenVPN and static inbound mapping through the load balance. I am sure the outbound traffic will work fine from the users or the development servers.


#4

Hello @bug,
The Peplink/Pepwave routers do not directly support OpenVPN currently, there is a feature request here that you may like to add your voice to.

You can have an OpenVPN Service running through the Peplink/Pewave range much like any other service, in simple terms you just need to setup the correct firewall rules established on the Peplink/Pewave device to pass the OpenVPN traffic through to your own OpenVPN server.

We would recommend that you get in contact with your local Cerified Peplink Partner here, just select your required region.

Out of interest, why are you using OpenVPN, have you considered looking at the Peplink solution of PepVPN & SpeedFusion?

Happy to Help,
Marcus :slight_smile:


#5

I will start reviewing the long manual to see what it reveals. It sounds like it is best to set up NATed servers inside the router and port forward a port to a server set up as an OpenVPN server. This should work for at least one ISP assigned static IP WAN.

I am not fond of IPSec based VPN solutions any more. I trust OpenVPN, and it is easy to use the clients on Windows, MacOS and Linux, with simple SSL based tools.


#6

Hello @Bug,
The PepVPN is a Peplink proprietary based system redesigned from the ground up with encryption from the get-go. PepVPN is very different from IPSec and it forms the underlying basis the Peplinks incredible SpeedFusion technologies.

We have been using OpenVPN & IPSec with many clients though are progressively moving them over to PepVPN due to the improved security, reliability & performance being seen.

You can read more here at the Peplink website

Happy to help,
Marcus :slight_smile: