VPN Redendancy with Peplink Max BR1


#1

Good afternoon,

I am looking at a Pepwave Max BR1 LTE device for a customer whose end device is a Cisco ASA. There are a couple of requirements.

  1. Can the Peplink Max have a backup or failover VPN that it can automatically failover to in the event that the primary internet connection at the remote peer fails? This would continue to use the LTE connection as there is no secondary ISP at the remote site.

  2. If there is no failover or backup peer will the second configured VPN connection be used automatically in the event of an ISP failure at the main remote site?

  3. Is there another option instead of the Pepwave MAX BR1 LTE device that can handle these requirements?

Thank you!.


#2

If you’re using IPSEC for failover, Peplink’s IPSEC config does allow you to set its different WAN as failover options. How you does it on your ASA will be on the Cisco part though.

We have our own method for achieving VPN redundancy and failover, which we termed Speedfusion. You can find out more here > https://www.peplink.com/technology/speedfusion/. Of course, for this to work you’ll need a Peplink’s SD-WAN router on both end of a site-to-site connection.

As per the above link we have different types of Speedfusion connectivity. Depending on your solution you can propose either a failover type of VPN connection, or a bonding method which you can utilize more than one WAN connection within a single VPN tunnel.