Peplink IPSEC VPN to backup MPLS


#1

Background:

Using Peplink 580

1x MPLS connect to WAN1
2x Broadband Internet connect to WAN2 and WAN3

I want to configure IPSEC VPN to remote site via WAN2 and WAN3, to backup if MPLS down.

Understand that if VPN is enable, all traffic will go thru VPN instead of MPSL WAN1 even it is at top of outbound policy list.

Anyway to cover come this.

Thanks/
Dylan


#2

You should consider Peplink hybrid WAN design.


#3

This is what we wanted. Just that the HQ do not have peplink. It does not matter since we not using Speedfusion, right?

Take exampe for below, Branch Office A, with this connection.

https://www.peplink.com/wp-content/uploads/2016/10/hybrid-wan-best-practice-09.png

We will configure the IPSEC VPN using WAN1 back to HQ, and enable it. Question is, how do we set the traffic from 10.12.2.0/24 to use WAN2 all the time, unless WAN2 down, only it use the VPN on WAN1.

And we have another subnet internally at Branch Office B, 10.13.2.0/24 , the guest network, will always use WAN1 to internet only.

Hope you get what I mean.

Thanks.


#4

Traditional IPSEC VPN and WAN router is not able to achieve your fail-over requirement. HQ router playing a main roles here for the traffics routing between the VPN & WAN traffics.

This have been well explained in the Hybrid WAN Best Practice example whereby HQ also require a Peplink Router.

PepVPN/Speedfusion is required for the fail over.


#5

Got it. Tks.