Peplink VPN

We are in a location were bandwidth is top dollar, luckily we came across a very cost effective and affordable WAN optimization solution that really works. This is coming at a time when we are migrating our core gears to peplinks’ however, my experience with peplink is very limited.

In addition to being a WISP, we also are building tower stations and into distribution using good old back-hauling on microwave however there is just no way we could reach some locations and then we came across peplink VPN and the idea to link these two technologies together.

The idea is to create a VPN with one peplink device say BPL710 at our main basestation with STM1 bandwidth capacity and then at a remote location, rent perharps 1 or 2mpbs link from an ISPs that already has service and place a smaller peplink device with VPN setup there. The WAN optimization device is a bridge device and will bypass the WAN bottle neck by compressing data to smaller packets at main base station and the decompress them at the remote end so for example, we could via the peplink VPN between the BPL-710 and say smaller peplink device, bypass the 2mb limit rented and push up to say 80Mb to the remote site. Since the WAN optimization device is a bridge, there are no network configurations to set.

My question now is:

  1. How do we setup the peplink VPN between the BPL-710 and the other small peplink device (say up to 40)?
  2. How do we use our own IPs at the remote end of the VPN.
  3. Will the clients connecting behind the peplink router at the remote site have access to Public IPs should we decide to give?

Thanks in anticipation of any response.

Hello,

  1. Setup of the VPN is very straight forward:
    Peplink | Pepwave - Forum

Per the link above, basically each Balance will have a Local ID. You will define the remote ends Local ID and Public IP (pre-shared key is optional). Also NOTE: We only require that one end define a Public WAN IP. So if you have a public on the HQ site, the remote location will define the Main HQ’s Local ID and Public IP to build the tunnel. HQ can just define the remote ends local ID.

If you would like to get more familiar with the Balance 710 here is a live demo (B710) Go to Network>SpeedFusion>Add Profile:

2/3) Once the tunnel is established you can create Portforwards/NAT Mappings on the HQ side and assign them to remote devices across the tunnel.

Hi, Further to Jarids answer I have a couple of questions.

The public IP ranges are on the STM1 link at the main base station right? And what you are looking to do is have client devices connected to the LAN side of the peplink at the remote stations that can consume those public IPs (ie a customer firewall/router)?

If so then you could use Layer 2 SpeedFusion VPN tunnels between the main base station and the remote stations. L2 tunnels will effectively bridge the LAN side of the 710 to the LAN side of the remote balance devices, so over this bridge you can then distribute the public IPs you have at the main station to the clients at the remote sites using an additional L3 device at the main base station to route them onwards to the internet.

Its probably worth sketching out the topology and your current/envisaged network devices to clarify how it would all plug together but that would work great. I have worked with UK Peplink ISP partners doing this over bonded DSL so don’t see any immediate gotchas.

Feel free to send me a PM with your email address if you’d like me to work on the design with you.

Thanks Jarid Petermann and MartinLangmaid. You rightly pointed out exactly what we are trying to achieve. I think your explanation is quite explicit too…and yes, I wouldn’t mind you helping out on the design. I will draw up a design Topology and send you a PM alongside my email details soon on how the connectivity would work…perhaps I will wait a bit until we receive the main peplink gears… This project is closely related to my earlier thread: Peplink | Pepwave - Forum therefore, I will combine both in the PM its its ok with you.

This is by far the most helpful forum I have been in, thank you once again. A very satisfied customer.

1 Like