Hi, Ron. Thank you for your reply. May I make my query more specific for the configuration on the Balance unit. I have the following connectivity requirement:
Peplink Balance 710 WAN1 is connected with Metro Ethernet private WAN service provided by an ISP. WAN1 establishes a dozens of speedfusion tunnels with Pepwave MAX HD2 units at different remote sites. WAN2 is connected with enterprise intranet and there will be a NSS server sitting in the subnet 172.16.1.0/24.
There are servers / PCs sitting in the Peplink Balance 710 LAN and various Pepwave MAX HD2 LAN which require to synchronize network time (NTP) and virus definition update (Symantec Endpoint Protection) from the NSS Server. All Peplink Balance 710 & Pepwave Max HD2 LAN segments are subnetted to 10.0.x.0/24.
Would you review the outbound policy setting that can allow all the subnets 10.0.x.0/24 be translated to Peplink Balance 710 WAN2 IP address for outbound traffic in order to successfully synchronize the network time and virus definition update from NSS Server?
Outbound policy on Peplink Balance 710:
Service Name: NSS outbound traffic
Enforced Connection: WAN: WAN2
Do I need to enable the similar outbound policy on each Pepwave MAX HD2 units with enforced connection as PepVPN or the outbound policy on Peplink Balance 710 be advertised to all other speedfusion endpoints by OSPF?