I’m new to the PepLink products, and am trying to clarify how outbound rules are applied. I’ll describe how I think it works, and am looking for correction or confirmation of my understanding.
As best I can tell, if you can’t successfully filter/direct traffic with a single rule, then you are SOL.
Rules get evaluated in the order that you specify. That part if clear. The manual also says that once there is a match on the outgoing packet, subsequent rules are not evaluated.
So, for example, I can’t have two rules that apply to the same outbound packet.
I can’t have one rule that says to direct certain users only through one set of WAN port, and also have a rule that enforces HTTPS persistence.
I can’t give devices a priority order in which to use WANs, and also block certain protocols.
I can’t block certain protocols for certain devices only when they are using a particular WAN.
I do realize that by using some combination of Firewall filtering and user groups I might be able to accomplish select combinations of filtering, but I can’t have a series of outbound rules applied, any one of which might block a packet from passing.
As a little background, my application is on a boat where there are multiple WAN alternatives with widely varying availability, cost, and bandwidth. When the WAN connection is an unlimited wifi service in a town or marina, I want to let all users do whatever they want. When the WAN connection is via a 4G/LTE modem, I want to allow most user, but block one or two known pigs, and also block one or two web sites like youtube, and block one or two protocols to be sure my data plan doesn’t get sucked dry. And last, if my WAN connection is the satellite system that costs $2000 per GB, I want to block all access except for one or two specific devices and one or two specific protocols.