Hello,
Ran the setup wizard to configure our new Balance 580 for drop in mode on our primary internet connection and have a few questions. The Balance 580 will sit in between our ISP provided Cisco 1921 router and a L2 perimeter Cisco 2960x switch which then up-links to our Checkpoint firewall HA pair.
Current path is Checkpoint FW (X.X.X.2) TO L2-2960x TO Cisco 1921 (X.X.X.1) .
Proposed path is Checkpoint FW (X.X.X.2) TO L2-2960x TO PEP580 (X.X.X.100) TO Cisco 1921 (X.X.X.1)
1). Once I put this inline, will I have to bounce the 1921 router and Checkpoint 5600 pair for ARP stuff to work?
2). I assigned an available IP out of our public /24 block (X.X.X.100) to the bridged WAN interface…is this what I will use for the Management IP of the device or should I work up one of the other interfaces?
3). SSH access, should I do LAN only or LAN/WAN?
4). Visio stencils… anyone have some better ones for a 580?
Many thanks!
Tom
Balance 580 will act as ARP proxy. So, it will answer the ARP request.
Yes, X.X.X.100 will be the Management IP of Balance 580.
LAN/WAN
Here you go - https://www.peplink.com/resources/
1 Like
Thanks! Last question, does it matter which of the 3 LAN ports I use as my uplink from L2 switch? The only reason I am asking is that on the front of the new 580 the diagram shows the port #3 connected to the WAN1 port as LAN Bypass.
1 Like
Drop-in mode has a LAN Bypass feature which allows the device to act as a wire between the LAN and WAN1 in the event of a hardware failure. LAN port 3 should be used for this feature.
1 Like
Worked swimmingly everyone thanks. I am now ready to add new static IP FIOS 1 Gig circuit to the WAN2 interface and wish to know if I need to configure anything special for the WAN2 interface besides the address and link speed. Also, do I need to be concerned about configuring any outbound policy or are defaults fine? Ultimately I would like to direct certain bandwidth intensive URLs to the larger capacity 1G pipe (ie., YouTube). Thanks