We are looking for a device that can attach to an existing subnet and host a VPN but not route traffic accross the tunnel and keep the existing gateway that is on the local network. It looks like the Pepwave MAX can host a PPTP VPN. What we want is to be able to VPN into the client network and trouble shoot devices on the subnet, but not have to change any existing gateways.
Can the MAX do this? We tried a CloudGate and because it can only do IPSec, we had to pass all the internal devices through it as the gateway and this is not ideal.
Out of Band management is a key use case for Peplink routers. They way this is normally done is to deploy a Peplink router (either a small balance like the B20/30/One or a MAX BR1 depending on budget / remote connectivity requirements), on the customer site with their network connected to the WAN of the Peplink router. The Peplink can then tunnel out from within the customer network, out through their existing internet gateway, and create a secure PepVPN connection to another Peplink device or Fusionhub appliance in your cloud / Datacenter / office (anywhere with a fixed public IP).
Once that PepVPN is up, you can route your remote access / support traffic over the PepVPN to the Peplink device on the customer network and since the wired WAN is NATTED you can then access the customers devices directly via that WAN interface. The benefit of course is that if you use the Balance 30LTE or BR1, and the customer’s internet connection is down, you can still connect to their network it over the inbuilt cellular modem in the Peplink device.