Peplink VPN site to site introduction

We are happily using Peplink Balance One as a multi WAN router (4 WANs) and thinking about placing another one in another site.
Can Peplink site-to-site use all WANs to communicate site-to-site? Reliability?

I have just watched this video: https://www.youtube.com/watch?v=xNaq13FWu_g
I guess some WANs must be left free to comunicate over the Internet to allow non site-to-site traffic to flow over the Internet. If so, how do calculate this? Are there any best practices? Are two Balance One units sufficient to handle this?

Use all wans for the site to site VPN (buy the speedfusion bonding license for the balance ones) then limit the bandwidth allocated to the tunnel so that site to site traffic does not saturate the WAN links completely.

3 Likes

Thanks Martin, what’s your opinion to do this with two Balance One models? Each WAN has a VDSL connection with effective throughput of 55/10 Mb/s.

BTW using all WANs for site-to-site will still allow basic VPN connections from the Internet?

What’s your experience with site-to-site VPN? Satisfactory?

The Balance One is rated at 30Mbps of encrypted throughput. Depending on traffic types I’ve seen as much at 64Mbps through one. Your site to site traffic will be limited by your 10Mbps upload bandwidth anyway so the Balance One would be a good fit I think.

Yes this is fine. All wans can be used for site to site, remote dial in vpns as wellas for internet access.

I have spent the last 7 years doing nothing but building PepVPN and Speedfusion solutions in tricky locations.

Peplinks’ VPN tech is rock solid.

3 Likes

One last question,
why is the traffic rated at 30mbs when the aggregate max bandwidth is set to 640Mb/s (when 5 WANs are enabled)

The 640Mbps is the routing throughput - that’s traffic flowing from LAN to WAN. Traffic passing over a VPN requires realtime modification (vpn tunnel headers) and can also require encryption both of which consume cpu resources which are limited on the balance one.

If you go for a bigger router (like the B210 or B580) these have more cpu resources - some have dedicated VPN processors and so their VPN throughput goes up.

PepVPN throughput is listed as its own line item on the product comparison pages on the Peplink website.

4 Likes

Thanks Martin,

is there an additional latency overhead on VPN? SQL Server connections may suffer a bit. Current links range 5 to 15ms…

Yes of course. you’re going point to point across the internet so there will be additional latency but no latency is introduced by the VPN technology itself though that I’m aware of.

1 Like