We have a Peplink Balance 20 for a small accounting office of about 25 people. I’ve been asked to look into remote access options. I’ve played with the Remote User Access feature in the Peplink, but with some recent hacking incidents in the industry, I’m looking for something beyond a simple username and password. I’m thinking some kind of second identification. A PIN or maybe something like Google Authenticator.
Does Peplink support this natively in any fashion? Anyone using anything like that along side a Peplink router?
2 factor authentication is currently not available for the remote user access. I will move you to feature request and let engineering team to consider the request.
One of our client uses DUO and it works great. @keith@AskTim@sitloongs I think some kind of app and push notification like DUO for firewall rules and vpn connections would be a great addition to the peplink feature set.
I have a client that wants to actually remove the peplink equipment we have put in as it doesn’t support zerotrust.
We are a DUO Security user and it works great, but I cannot get it to pass–thru our Peplink. At least I think that is what prevents the push prompt from reaching my cell. Does the client you reference use an edge router other than Peplink?
Hi there, would you happen to know if this would also work with our fusionhub instance?
I’m looking for a way to somehow integrate DUO push for users to connect via VPN to our fusionhub device.
I am not familiar with the FusionHub product, but I can offer that the key to getting the push to work will be to get your inbound/outbound rules in place. In my case Inbound Port Forwarding, a NAT Mapping, Internal + Inbound + Outbound Firewall Rules were essential.
Keep in mind that other considerations are important as well. Namely, the base setup of your router will impact how DHCP may be handled, and also the internal network (Linux, Windows). I would love to learn about the FusionHub - I vaguely understand that it can act as a hot failover between two internet lines, but perhaps that is not the full story. For example, what router do you have between the FusionHub and your network - also a Peplink product?
AWS hosted FusionHUB instance
Multiple deployed HD4’s that have 4 carriers sims+WAN uplink if available.
The HD4’s connect to fusionhub over speedfusion.
Speedfusion bonds all uplinks with failover/aggregation.
What we want to do that is currently working:
User connects via L2TP VPN to the Fusionhub instance in AWS
Once connected, user can access devices that are locally attached to any HD4 (ie. a camera)
What want to do:
Enable 2factor on the L2TP VPN connection to Fusionhub.
The current allowed authentication methods on the fusionhub/pepwave device are:
Local users, LDAP, RADUIS, AD
I wanted to use DUO for push auth 2fac. I think the only thing that may work would be:
Build an AD server and use LDAP with DUO LDAP proxy
Build Radius server and install DUO Radius proxy
And yes we have existing AD for corp but not available currently to use due to security policies. Possible afterwards since this is still proof of concept
+1 for me…
Using DUO for remote support of one of my clients and it works great.
Would like to see something like that compatible with PEPLink products that We use.
Can you give me a breakdown of how you set this up/ got it to work as i am trying to do a similar setup where remote users connect to a balance 20 device with vpn, then use rdp to connect in. I want the duo 2 factor to work on the rpd login session