Peplink 20: Outbound Policy not working consistently


#1

I have a Peplink 20 router with 2 WAN connections.

The first rule uses the Enforced Algorithm to interface with WAN 2 by Source MAC Address.

That works fine, until I establish an IPsec service connection (using Windows L2TP VPN)—in which case, it puts it on WAN1.

I’ve also tried it using IP address, and no matter what I try to use, it routes the traffic through WAN1.

What could be preempting my first rule?

Thanks!


#2

Hello,

The client that is forced through WAN 2 (by defining MAC) goes out WAN 2. From the same client, you are connecting via L2TP to another router, in which case it routes through WAN 1? Hoping you can clarify the L2TP setup.


#3

IPsec NAT-T needs to be disabled under Network > Misc. Settings > Service Passthrough Support to control this traffic with outbound policy rules. It is enabled by default to prevent problems out of the box for client VPN users when a multi-WAN router is introduced, essentially keeping IPsec traffic on a single WAN.


#4

Thanks, Ron, that solved my issue!

Jarid, your explanation makes a lot of sense and helps with another issue I’m having.