Had a quick question was woundering if someone could point me in the right direction
We have over a dozen balance 20 and Pepwaves out in the field.
They are all connecting back to our office VPN.
They can all see each other and connect to each other as needed.
How does one segregate these networks?
We are thinking we would like them to not be reachable to each other by default.
However, if the need arises to be able to make an adjustment on the peplink and open it back up to a specific network
What is the best course of action to achieve this in a way it’s easy to swap it on and off if needed?
OSPF route isolation on the office peplink will stop it sharing all the learned routes via speedfusion. It’s a single checkbox to enable meaning its easy to turn it on or off but it is also all or nothing.
If all the remote subnets can be fit into a single supernet then you could use a singe rule to deny traffic between the sites (as long as the main site doesn’t fit in the supernet). You could then use single rules set above the deny rule to allow certain sites to communicate.