SpeedFusion L2 Site-to-Site VPN with More Than 5 VLANs – Design Recommendations

Hello everyone,

I hope you are all doing well.

I am currently working on a deployment that requires a site-to-site SpeedFusion VPN between two locations. Both sites are running Peplink routers and need to operate as if they are on the same Layer-2 domain.

Environment overview:

• Both sites use identical subnets
• There are 12 VLANs that must be extended across both locations
• Requirement is to use SpeedFusion Layer-2 VPN
• Objective is full VLAN transparency between the two sites

Challenge:
As per my understanding and current configuration limits, a single SpeedFusion VPN profile supports a maximum of 5 sub-tunnels (networks/VLANs). This presents a limitation, as I need to carry 12 VLANs across the VPN.

Question:
What is the recommended design approach to support more than 5 VLANs over SpeedFusion L2?

I would appreciate guidance from anyone who has implemented a similar design in production.

Thank you in advance for your support.

I’ve run into this limitation before about 2 yrs ago…
…
Configure a speedfusion tunnel between both sites and 1 subtunnel… Call the subtunnel VLAN 200…this will be your service VLAN and will be a separate VLAN ID from the 12 you’re going to send across net…
.
Then on your routers enable a port for Access 200 on say LAN port 4…

On the QinQ switches…

Create your service VLAN for VLAN 200.

Trunk your 12 VLANs into the service port…

Plug your Q in Q service port into the peplink router port 4.

Or if that’s too heavy run 2 subtunnels with 6 x VLANs each.So running critical stuff on one and non essential.on the other