Vpn Topology

I was wondering if anyone could tell me if this is a viable topology using Peplink?
(Basically having two head-end balance devices at differant sites, which have a vpn connection between them, and each remote has a MAX vpn tunnel to both balances (for redundancy) ).


Your topology looks fine as long as each location has a unique subnet.

When both tunnels come up , how do the peplink MAX decide which tunnel traffic goes out, and on the hub ends, how do you tell which tunnel (from Main site A or Main site B) is used for sending to the remotes?


I guess it would just be a routing decision based on best route? (can these be ipsec / or pep vpn?) the remotes would only have 1 internet connection for now, so it wouldn’t need speedfusion.

You would use PepVPN on the BR1’s and set up two profiles, one to each main site. Then you would set up a custom outbound policy rule in the BR1’s using the priority algorithm and decide which one is priority 1 and the other would be priority 2. Traffic will always flow over the priority 1 connection unless it fails, then it will seamlessly switch to the priority 2 tunnel.