Break Internet Bandwidth Limits Higher Speed. Extreme Reliability. Reduced Cost. Peplink. All Rights Reserved. Unauthorized Reproduction Prohibited
Presentation Agenda Peplink Balance Pepwave MAX Features Concepts Scenario WAN Settings LAN Settings Drop-in Mode Drop-in VS NAT Complete VPN Solution SpeedFusion VPN PPTP Server
Presentation Agenda Outbound Policy Inbound Access Inbound Load Balancing DNS Settings One-to-One NAT Mapping NAT Pool QoS WLAN Controller Hardware High Availability LAN Bypass Bandwidth Usage Monitoring Additional Capabilities
Presentation Agenda Contact Support Diagnostic Report Additional Support Information Question and Answer Contact Us
Peplink Balance
Balance Series Specifications Model Balance 20/30 Balance 210/310 Balance 380/580 Balance 710/1350 Target User Power User/ Home Office Small Business Recommended Users 1-25 25-50 Throughput 100Mbps 100Mbps Mid-Size Business 50-500 300-1000 200Mbps 400Mbps Large Enterprise 500-2000+ 1000-5000+ 800Mbps 1500Mbps WAN Ports 2/3 2/3 3/5 7/13 USB WAN Support 1 1 1 1 Peplink VPN Bonding Add-on Yes Yes Yes VPN Throughput N/A 30Mbps AP Controller Support No No 60Mbps 80Mbps 50 100 160Mbps 350Mbps 250 500
Pepwave MAX
MAX Series Specifications 8
Features Internet Link Load Balancing & Failover Session based for Inbound and Outbound Proprietary and Confidential
Features WAN Bonding Packet based load balancing Single TCP/IP session can utilize all WAN links Using SpeedFusion VPN proprietary technology Proprietary and Confidential
Concepts Outbound Access a server on Internet (WAN) side from LAN, and the server returns the web data back to LAN Inbound A computer from Internet (WAN) access a web server on LAN. The web server returns the data back to Internet client
Concepts Outbound Load Balancing & Failover Controlled by Outbound Policy Peplink/Pepwave will distribute the outbound sessions to different WAN links automatically Knowledge Base - Understanding & Configuring Outbound Traffic rules
Concepts Inbound Load Balancing & Failover By using build-in authoritative DNS The resolution of DNS hostname contains IP addresses of all WAN links Knowledge Base - Understanding Inbound Load Balancing
Scenario Normal Operation (All WAN Up & Running): A Peplink Balance unit Three 1 Mbps Internet Links All links are operational Local Area Network Aggregated bandwidth: 3 Mbps = ISP A + ISP B + ISP C = 1 Mbps + 1 Mbps + 1 Mbps
Scenario Failover (One WAN Down): A Peplink Balance unit Three 1 Mbps Internet Links One link down: ISP A Local Area Network Peplink Balance re-directs traffic over ISP B and ISP C as failover.
WAN Settings Ethernet Connection Method DHCP Static IP PPPoE USB Mobile Connection
WAN Settings WAN link Health Check Determine whether the ISP link is routable to Internet. Methods: Ping / DNS Lookup / SmartCheck Ping issue ICMP PING packets to test connectivity DNS Lookup DNS lookups will be issued to test connectivity with target DNS servers. SmartCheck applies only to USB mobile connection. It is optimized for mobile networks with high traffic latency
WAN Settings Bandwidth Allowance Monitor Designed for non-unlimited link (eg: Satellite, 3G) Alert user when usage hits 75%/95% via Email Disconnect when hits 100% allowance Selectable billing cycle date Proprietary and Confidential
LAN Settings DHCP server DHCP reservation DHCP Option LAN static route Local DNS Proxy WINS server
Drop-in Mode To minimize disruption to the existing network. Before installation of Peplink/Pepwave: The network is connected to the ISP via a Router outside of the Firewall.
Drop-in Mode After installation of Peplink/Pepwave: Additional Internet links are installed. Peplink/Pepwave intelligently performs load balance and failover among the multiple links.
Drop-in Mode Requirement An additional IP address is required for Drop-in Mode Peplink Such as: 210.10.10.3 210.10.10.1/24 210.10.10.2/24 192.168.1.0/24 Proprietary and Confidential
Drop-in Mode Network > Interfaces > LAN
Drop-in Mode Installation Phase 1: Pre-configured Peplink Balance is dropped in between the Firewall and ISP Router. The LAN clients, Firewall, and ISP Router maintain the same configurations. 210.10.10.2/24 210.10.10.3/24 210.10.10.1/24 192.168.1.0/24
Drop-in Mode Installation Phase 1: LAN and WAN1 of Peplink uses 210.10.10.3 (for management purpose) 210.10.10.3/24 210.10.10.1/24 210.10.10.2/24 192.168.1.0/24
Drop-in Mode Installation Phase 2: Configure WAN2 and WAN3 (in NAT or IP Forwarding Mode) 210.10.10.3/24 210.10.10.1/24 210.10.10.2/24 22.2.2.2/28 33.3.3.2/30 22.2.2.1/28 33.3.3.1/30 192.168.1.0/24
Drop-in VS NAT NAT Mode All WAN links are in NAT mode Traffic goes over a NATted WAN, its source IP will be translated to the IP of corresponding WAN link Drop-in Mode: Peplink/Pepwave will bridge one of the WAN link and LAN segments For other WAN links, they will act as NAT
Complete VPN Solution Build-in PPTP Server Proprietary SpeedFusion VPN Bonding Failover Site-to-site IPsec VPN
SpeedFusion VPN Key Features VPN Bonding VPN Failover Built-in Automatic Routing Protocol 256-bit AES Encryption Easy configuration via Web Admin
SpeedFusion VPN Allows VPN traffic to load balance across multiple connections (Balance 210/310/380/580/710/1350) Two Suggested connection scenarios Mesh Scenario Star Scenario
SpeedFusion VPN Aggregate all WAN connections bandwidth Traffic load balanced at packet level Automatic failover during WAN link failure
SpeedFusion VPN Configuration of Branch A Configuration of Branch B Branch_A Branch_B Subnet A 192.168.50.1 Subnet B 10.10.10.1 Subnet should be different between two locations
PPTP Server Allows Windows / Mac connect on public Internet to internal LAN natively Proprietary and Confidential
PPTP Server Authenticate PPTP user via Local User Account (Stored in Peplink itself) External LDAP Server External Radius Server Proprietary and Confidential
Outbound Policy Rule Based Custom Rules Seven load balancing algorithms Click to delete a custom rule Click to add/edit custom rules Drag and Drop to re-order the priority of rules
Outbound Policy Weighted Balance Distribute the traffic across different WAN links based on the weight. 10:5:1 means 10 Sessions (10/16) will be across WAN1 5 Sessions (5/16) will be across WAN2 1 Session (1/16) will be across WAN3
Outbound Policy Persistence Make the specified types of traffic to always be routed through a particular WAN link based on source or destination IP address(es). Example usage: Secure login session such as HTTPS.
Outbound Policy Enforced Route the specified traffic through a single WAN connection/vpn Profile only, regardless of WAN link up/down status. Example usage: Restricting outbound SMTP traffic to one specific WAN link.
Outbound Policy Priority Distribute the traffic in the specified order. Highest-priority available WAN link/vpn profile will be used first. Lower-priority WAN links will be used when higher-priority WAN links become unavailable.
Outbound Policy Overflow Route the traffic to a lower priority link when the highest priority link has been congested. Least Used Route the traffic to the most available WAN link according to download usage. Lowest Latency Route the traffic to the lowest latency WAN link Periodic latency checking will be performed to determine the latency
Outbound Policy VPN Connection can be selected as Outbound Connection Selected traffic will be routed across VPN Connection with Priority and Enforced Algorithms
Inbound Access Also known as Inbound port forwarding / Inbound port address translation Only support on Balance MAX not supported
Inbound Access A web server located on LAN with physical private IP 192.168.1.100 Existing firewall is doing Inbound NAT for 210.10.10.100 to forward to 192.168.10.100 Web Server LAN IP: 192.168.1.100 Public IP: 210.10.10.100
Inbound Access To allow access the web server via WAN2 and WAN3, the Inbound Access rules are required. Web Server LAN IP: 192.168.1.100 Public IP: 210.10.10.100
Inbound Access Network > Inbound Access > Servers Network > Inbound Access > Services
Inbound Load Balance Inbound Load Balancing distributes inbound traffic across multiple WAN links by using buildin DNS server. Balance DNS server is required to be an authoritative DNS of the domain. Eg: foobar.com
Inbound Load Balance The DNS query result of www.foobar.com will be Name: www.foobar.com Addresses: 210.10.10.100, 22.2.2.2, 33.3.3.2 If ISP2 goes down, the DNS query result will be Name: www.foobar.com Address: 210.10.10.100, 33.3.3.2 210.10.10.100 22.2.2.2 33.3.3.2
Inbound Load Balance To configure Peplink Balance as Authoritative DNS of the domain. It is required to point the NS record to Peplink in the Domain Registrar (eg: Godaddy.com)
DNS Settings Enable DNS listener Create Default SOA/NS
DNS Settings Define Default SOA/NS Records IP of NS should be same as the IP selected in DNS listeners
DNS Settings Create domain name foobar.com
DNS Settings Create A Record Click to Create a new A Record Enter the host www Select the IP address on multiple WAN links for www
One-to-One NAT Mapping Allow the IP address mapping of all inbound and outbound NAT ed traffic to and from an internal client IP address. Click to delete a NAT rules Click to add/edit NAT rules
NAT Pool A range of LAN IP address or a LAN subnet can be mapped to multiple IP public IP address as source IP for their outbound traffic.
QoS User Group Based Classification Manager Staff Guest Add/Edit User Group by IP address or Subnet IP
QoS Control Group Reserved Bandwidth Reserve minimum bandwidth for user groups Control Per-user Bandwidth Limit Define maximum bandwidth for each user of the groups
QoS Traffic Prioritization for default and custom applications 3 Priority levels: High, Normal, and Low Support different kinds of applications liked Email, VoIP Based on TCP/UDP/IP/DSCP
WLAN Controller Only support on Balance MAX not supported Manage up to 500 AP One within Peplink Balance Software Add-on Access Point Auto Discovery Configuration, Firmware Management Seamless Roaming of Wi-Fi Device Multiple SSIDs Model 380 580 710 1350 Max. Number of AP support 50 100 250 500
WLAN Controller Four steps to setup the WLAN Controller 1. Enable AP Management 2. Define SSID(s) 3. Create AP Profile 4. Assign AP Profile to one or multiple AP One devices Proprietary and Confidential
WLAN Controller Enable the Access Point Management feature at Network > AP Management.
WLAN Controller Define the SSID in Wireless Network Settings.
WLAN Controller Add a New AP Profile
WLAN Controller Enter the AP Profile Name Select the Wireless Networks (SSID) which defined in the previous step. Please note that you can enable a maximum of four wireless networks.
WLAN Controller Connect your AP One devices to the network containing the Peplink Balance. Go back to the Dashboard and click the Change AP Profile button.
WLAN Controller Select the connected/detected AP One devices to which you would like to assign the AP profile. Then select the desired AP profile from the drop-down list.
WLAN Controller Click the Yes button to confirm the change. The selected AP profile will apply to the listed AP One devices immediately.
Hardware High Availability Peplink Balance 210/310/380/580/710/1350 support High Availability via VRRP, Virtual Router Redundancy Protocol: A pair of Peplink Balance units work together. Master unit is Active. Slave unit is on Stand-by.
Hardware High Availability In the event of Active unit fails: The Stand-by unit becomes Active. New Active unit re-establishes Internet connections. Outage is minimized.
Hardware High Availability Each unit has their own LAN IP address and use a same Virtual IP. For non-drop-in mode, the VIP will be the default gateway of LAN hosts For Drop-in mode, WAN1 s default gateway will be the default gateway of LAN hosts 192.168.1.3 Configuring HA for Slave unit 192.168.1.2
LAN Bypass Available in Peplink Balance 580/710/1350 LAN Bypass is a fault-tolerance feature that protects you in the event of power outage. When used with Drop-in Mode, such failure would be completely transparent to the network. In the following example, WAN1 and LAN1 ports are bridged together when the power runs out.
Bandwidth Usage Monitoring Show the bandwidth usage statistics Three periods of statistics: Real-Time, Daily, Monthly Usage will not be shown at the time when device had been switched OFF Real-Time Click Show Details to view the usage of different WAN or type of traffic
Bandwidth Usage Monitoring Daily Detailed usage statistics of ALL WAN with IP Address can be shown by clicking corresponding Date A selected WAN usage can be shown in billing cycle when the bandwidth allowance monitor of that WAN is enabled
Bandwidth Usage Monitoring Monthly Detailed usage statistics of ALL WAN with IP Address can be shown by clicking the first two Month rows A selected WAN usage can be shown in billing cycle when the bandwidth allowance monitor of that WAN is enabled
Additional Capabilities E-mail notification: Send email to user for any WAN up/down event, Site-to-Site VPN, HA status.
Additional Capabilities Rule-based stateful Firewall: Support for an unlimited number of rules. Drag and drop user interface
Additional Capabilities Reporting Service
Contact Support Detail description of the issue Network Diagram with detail IP address scheme Troubleshooting steps that you performed Diagnostic Report of related units Remote Assistance of related units Send email to priority.support@peplink.com Proprietary and Confidential
Diagnostic Report Obtain Diagnostic Report via Status > Device Proprietary and Confidential
Additional Support Information Support Information Page contains LAN/WAN Ethernet details Remote Assistance Network Capture Realtime information of WAN Health Check To access Support Information page, from the Brower URL, change the link http://<peplink s IP>/cgi-bin/MANGA/index.cgi Proprietary and Confidential
Additional Support Information Support Information Page contains LAN/WAN Ethernet details Remote Assistance Network Capture Realtime information of WAN Health Check To access Support Information page, from the Brower URL, change the link http://<peplink s IP>/cgi-bin/MANGA/support.cgi Proprietary and Confidential
Questions and Answers
Contact Us Peplink United States Office 800 West El Camino Real Mountain View, CA 94040 United States Tel: +1 (866) 463 0129 Fax: +1 (866) 625 4664 Peplink Hong Kong Office 17/F, Park Building 476 Castle Peak Road Cheung Sha Wan Hong Kong Tel: +852 2990 7600 Fax: +852 3007 0588 Peplink Italy Office Via Sismondi 50/3 20133 Milan Italy Tel: +39 02 8986 6852 Peplink Saudi Arabia Office Queen s Tower 24 th Floor, Jeddah Saudi Arabia Tel: +966 504336952 Peplink South Africa Office Sales: Unit 24, Cambridge Office Park, 5 Bauhinia Street, Highveld, Centurion, South Africa Tel: +27 12 665 5829 http://www.peplink.com/contact/sales/ Support: http://www.peplink.com/contact/support/