Need advice on peplink solution


#1

Hi, I need advice on peplink solution. I had a scenario which have 2 sites and I called it as Site A and Site B, these 2 sites is located in 2 different location and was connected via an IPVPN. These 2 sites have their own internet access line by using 2 different ISP. Requirement 1: If site A’s internet line is down, the internet access will be route to Site B’s internet line via IPVPN and vice versa. Requirement 2: Site A and B have Juniper SSL VPN appliance. Currently client need to connect to specific WAN IP to get SSL VPN connected. End user intend to connect to single virtual WAN IP and this IP will map to site A and B wan ip’s accordingly. Load balancer will do the load balancing for this SSL VPN appliance. Pls advice if peplink have this kind of solution or you can propose alternative solution if there is. Pls take note that Site A and B is located at 2 different location and with diff ISP with diff WAN IP.


#2

It sounds like you need our SpeedFusion Unbreakable VPN technology. As long as both sites each have 2 or more ISP connections then the SpeedFusion VPN tunnel will be established between both locations and the tunnel will not break in the event of a single WAN failure. You can refer to our site for more details:


#3

Hi Tim,

Each site only have single ISP link. Fyi, am focus on internet access for both sites, means if Site A’s internet down, the internet access for Site A will be route from Site A to Site B via IPVPN and vice versa.

Remark: how about solution for requirement 2.

I’ve attached with diagram fyi.

Regards,
Jeff



#4

Hi Tim,

Any update. Pls advice.
Remarks: is inbound load balancing workable for requirement 2 in this scenario?

Regards,
Jeff


#5

Hi Jeff-

Since each site only has 1 ISP connection how do you plan to route traffic in the event that it goes down? To keep the VPN alive you would need a second connection for the SpeedFusion VPN.


#6

Hi Tim,

As stated in the diagram, there is 1 IPVPN link between Site A and Site B. End user intend to use this link as internet backup for each other.

How about solution for requirement 2?


#7

In that case you would treat the IPVPN as a second connection on the Peplink. You would just need to create a simple outbound policy rule to route the traffic out the regular ISP connection as priority 1 and if it fails then route it across the SpeedFusion VPN as priority 2. This will work just fine.

For requirement 2 you could use the Authoritative DNS feature and the end user could connect via domain name instead of IP address.