Break Internet Bandwidth Limits

Higher Speed. Extreme Reliability. Reduced Cost.

Peplink. All Rights Reserved.

2012 Peplink Unauthorized Reproduction Prohibited
Presentation Agenda
Peplink Balance
Pepwave MAX
Features
Concepts
Scenario
WAN Settings
LAN Settings
Drop-in Mode
Drop-in VS NAT
Complete VPN Solution
SpeedFusion VPN
PPTP Server

2012 Peplink
Presentation Agenda
Outbound Policy
Inbound Access
Inbound Load Balancing
DNS Settings
One-to-One NAT Mapping
NAT Pool
QoS
WLAN Controller
Hardware High Availability
LAN Bypass
Bandwidth Usage Monitoring
Additional Capabilities

2012 Peplink
Presentation Agenda
Contact Support
Diagnostic Report
Additional Support Information
Question and Answer
Contact Us

2012 Peplink
Peplink Balance

2012 Peplink
 Balance Series Specifications

Model Balance 20/30 Balance 210/310 Balance 380/580 Balance 710/1350

Power User/ Mid-Size Large

Target User Small Business
Home Office Business Enterprise
50-500 500-2000+
Recommended Users 1-25 25-50
300-1000 1000-5000+
200Mbps 800Mbps
Throughput 100Mbps 100Mbps
400Mbps 1500Mbps
WAN Ports 2/3 2/3 3/5 7/13

USB WAN Support 1 1 1 1

Peplink VPN Bonding Add-on Yes Yes Yes

60Mbps 160Mbps
VPN Throughput N/A 30Mbps
80Mbps 350Mbps
50 250
AP Controller Support No No
100 500

2012 Peplink
Pepwave MAX

2012 Peplink
MAX Series Specifications

2012 Peplink 8
Features
Internet Link Load Balancing & Failover
Session based for Inbound and Outbound

2012 Peplink Proprietary and Confidential

Features
WAN Bonding
Packet based load balancing
Single TCP/IP session can utilize all WAN
links
Using SpeedFusion VPN proprietary
technology

2012 Peplink Proprietary and Confidential

Concepts
Outbound
Access a server on Internet (WAN) side from
LAN, and the server returns the web data
back to LAN
Inbound
A computer from Internet (WAN) access a
web server on LAN. The web server returns
the data back to Internet client

2012 Peplink
Concepts
Outbound Load Balancing & Failover
Controlled by Outbound Policy
Peplink/Pepwave will distribute the outbound
sessions to different WAN links automatically
Knowledge Base - Understanding &
Configuring Outbound Traffic rules

2012 Peplink
Concepts
Inbound Load Balancing & Failover
By using build-in authoritative DNS
The resolution of DNS hostname contains IP
addresses of all WAN links
Knowledge Base - Understanding Inbound
Load Balancing

2012 Peplink
Scenario
Normal Operation (All WAN Up & Running):
A Peplink Balance unit
Three 1 Mbps Internet Links
All links are operational

Local Area Network

Aggregated bandwidth: 3 Mbps

= ISP A + ISP B + ISP C = 1 Mbps + 1 Mbps + 1 Mbps

2012 Peplink
Scenario
Failover (One WAN Down):
A Peplink Balance unit
Three 1 Mbps Internet Links
One link down: ISP A

Local Area Network

Peplink Balance re-directs traffic over ISP B

and ISP C as failover.

2012 Peplink
WAN Settings
Ethernet Connection Method
DHCP
Static IP
PPPoE
USB Mobile Connection

2012 Peplink
WAN Settings
WAN link Health Check
Determine whether the ISP link is routable to
Internet.

Methods: Ping / DNS Lookup / SmartCheck

Ping issue ICMP PING packets to test connectivity
DNS Lookup DNS lookups will be issued to test
connectivity with target DNS servers.
SmartCheck applies only to USB mobile connection. It is
optimized for mobile networks with high traffic latency

2012 Peplink
WAN Settings
Bandwidth Allowance Monitor
Designed for non-unlimited link (eg: Satellite, 3G)
Alert user when usage hits 75%/95% via Email
Disconnect when hits 100% allowance
Selectable billing cycle date

2012 Peplink Proprietary and Confidential

LAN Settings
DHCP server
DHCP reservation
DHCP Option
LAN static route
Local DNS Proxy
WINS server

2012 Peplink
Drop-in Mode
To minimize disruption to the existing network.
Before installation of Peplink/Pepwave:
The network is connected to the ISP
via a Router outside of the Firewall.

2012 Peplink
Drop-in Mode
After installation of Peplink/Pepwave:
Additional Internet links are installed.
Peplink/Pepwave intelligently
performs load balance
and failover among
the multiple links.

2012 Peplink
Drop-in Mode
Requirement
An additional IP address is required
for Drop-in Mode Peplink 210.10.10.1/24
Such as: 210.10.10.3

210.10.10.2/24

192.168.1.0/24

2012 Peplink Proprietary and Confidential

Drop-in Mode
Network > Interfaces > LAN

2012 Peplink
 Drop-in Mode
Installation Phase 1:
Pre-configured Peplink Balance is dropped in
between the Firewall and ISP Router.
210.10.10.1/24
The LAN clients, Firewall,
210.10.10.3/24
and ISP Router maintain the
same configurations.
210.10.10.2/24

192.168.1.0/24

2012 Peplink
 Drop-in Mode
Installation Phase 1:
LAN and WAN1 of Peplink uses 210.10.10.3
(for management purpose)
210.10.10.1/24
210.10.10.3/24

210.10.10.2/24

192.168.1.0/24

2012 Peplink
 Drop-in Mode
Installation Phase 2:
Configure WAN2 and WAN3
(in NAT or IP Forwarding Mode)
210.10.10.1/24
210.10.10.3/24

210.10.10.2/24 22.2.2.2/28
22.2.2.1/28
33.3.3.2/30

33.3.3.1/30

192.168.1.0/24

2012 Peplink
Drop-in VS NAT
NAT Mode
All WAN links are in NAT mode
Traffic goes over a NATted WAN, its source IP
will be translated to the IP of corresponding
WAN link
Drop-in Mode:
Peplink/Pepwave will bridge one of the WAN
link and LAN segments
For other WAN links, they will act as NAT

2012 Peplink
Complete VPN Solution
Build-in PPTP Server
Proprietary SpeedFusion VPN
Bonding
Failover
Site-to-site IPsec VPN

2012 Peplink
SpeedFusion VPN
Key Features
VPN Bonding
VPN Failover
Built-in Automatic Routing Protocol
256-bit AES Encryption
Easy configuration via Web Admin

2012 Peplink
SpeedFusion VPN
Allows VPN traffic to load balance across multiple
connections (Balance 210/310/380/580/710/1350)
Two Suggested connection scenarios

Mesh Scenario Star Scenario

2012 Peplink
SpeedFusion VPN
Aggregate all WAN connections bandwidth
Traffic load balanced at packet level
Automatic failover during WAN link failure

2012 Peplink
 SpeedFusion VPN
Configuration of Branch A Configuration of Branch B

Branch_A Branch_B

Subnet A Subnet B
192.168.50.1 10.10.10.1

Subnet should be different between two locations

2012 Peplink
PPTP Server
Allows Windows / Mac connect on public
Internet to internal LAN natively

2012 Peplink Proprietary and Confidential

PPTP Server
Authenticate PPTP user via
Local User Account (Stored in Peplink itself)
External LDAP Server
External Radius Server

2012 Peplink Proprietary and Confidential

Outbound Policy
Rule Based Custom Rules
Seven load balancing algorithms

Click to delete a custom rule

Click to add/edit custom rules

Drag and Drop to re-order the
priority of rules

2012 Peplink
Outbound Policy
Weighted Balance
Distribute the traffic across different WAN
links based on the weight.
10:5:1 means
10 Sessions (10/16) will be across WAN1
5 Sessions (5/16) will be across WAN2
1 Session (1/16) will be across WAN3

2012 Peplink
Outbound Policy
Persistence
Make the specified types of traffic to always be
routed through a particular WAN link based on
source or destination IP address(es).
Example usage:
Secure login session such as HTTPS.

2012 Peplink
Outbound Policy
Enforced
Route the specified traffic through a single WAN
connection/VPN Profile only, regardless of WAN
link up/down status.
Example usage:
Restricting outbound SMTP traffic to one specific
WAN link.

2012 Peplink
Outbound Policy
Priority
Distribute the traffic in the specified order.
Highest-priority available WAN link/VPN profile
will be used first.
Lower-priority WAN links will be used when
higher-priority WAN links become unavailable.

2012 Peplink
Outbound Policy
Overflow
Route the traffic to a lower priority link when the highest
priority link has been congested.

Least Used
Route the traffic to the most available WAN link according to
download usage.

Lowest Latency
Route the traffic to the lowest latency WAN link
Periodic latency checking will be performed to determine the
latency

2012 Peplink
Outbound Policy
VPN Connection can be selected as
Outbound Connection
Selected traffic will be routed across VPN
Connection with Priority and Enforced
Algorithms

2012 Peplink
Inbound Access
Also known as Inbound port forwarding /
Inbound port address translation
Only support on Balance
MAX not supported

2012 Peplink
 Inbound Access
A web server located on LAN
with physical private IP 192.168.1.100
Existing firewall is doing Inbound
NAT for 210.10.10.100 to forward
to 192.168.10.100

Web Server
LAN IP: 192.168.1.100
Public IP: 210.10.10.100

2012 Peplink
 Inbound Access
To allow access the web server via WAN2 and WAN3,
the Inbound Access rules are required.

Web Server
LAN IP: 192.168.1.100
Public IP: 210.10.10.100

2012 Peplink
Inbound Access
Network > Inbound Access > Servers

Network > Inbound Access > Services

2012 Peplink
Inbound Load Balance
Inbound Load Balancing distributes inbound
traffic across multiple WAN links by using build-
in DNS server.
Balance DNS server
is required to be an
authoritative DNS of
the domain.
Eg: foobar.com

2012 Peplink
Inbound Load Balance
The DNS query result of www.foobar.com will be
Name: www.foobar.com
Addresses: 210.10.10.100, 22.2.2.2, 33.3.3.2
If ISP2 goes down, the DNS query result will be
Name: www.foobar.com
Address: 210.10.10.100, 33.3.3.2
210.10.10.100

22.2.2.2

33.3.3.2

2012 Peplink
Inbound Load Balance
To configure Peplink Balance as
Authoritative DNS of the domain. It is
required to point the NS record to Peplink
in the Domain Registrar (eg:
Godaddy.com)

2012 Peplink
DNS Settings
Enable DNS listener
Create Default SOA/NS

2012 Peplink
DNS Settings
Define Default SOA/NS Records

IP of NS should be same as the IP selected in DNS listeners

2012 Peplink
DNS Settings
Create domain name foobar.com

2012 Peplink
DNS Settings
Create A Record
Click to Create a new A Record

Enter the host www

Select the IP address on

multiple WAN links for www

2012 Peplink
One-to-One NAT Mapping
Allow the IP address mapping of all inbound
and outbound NATed traffic to and from an
internal client IP address.

Click to delete a NAT rules

Click to add/edit NAT rules

2012 Peplink
NAT Pool
A range of LAN IP address or a LAN subnet can be
mapped to multiple IP public IP address as source IP
for their outbound traffic.

2012 Peplink
QoS
User Group Based Classification
Manager
Staff
Guest

Add/Edit User Group by

IP address or Subnet IP

2012 Peplink
QoS
Control Group Reserved Bandwidth
Reserve minimum bandwidth for user groups
Control Per-user Bandwidth Limit
Define maximum bandwidth for each user of the
groups

2012 Peplink
QoS
Traffic Prioritization for default and custom applications
3 Priority levels: High, Normal, and Low
Support different kinds of applications liked Email, VoIP
Based on TCP/UDP/IP/DSCP

2012 Peplink
WLAN Controller
Only support on Balance
MAX not supported
Manage up to 500 AP One within Peplink Balance
Software Add-on
Access Point Auto Discovery
Configuration, Firmware Management
Seamless Roaming of Wi-Fi Device
Multiple SSIDs

Model 380 580 710 1350

Max. Number of AP support 50 100 250 500

2012 Peplink
WLAN Controller
Four steps to setup the WLAN Controller
1. Enable AP Management
2. Define SSID(s)
3. Create AP Profile
4. Assign AP Profile to one or multiple AP
One devices

2012 Peplink Proprietary and Confidential

WLAN Controller
Enable the Access Point Management
feature at Network > AP Management.

2012 Peplink
WLAN Controller
Define the SSID in Wireless Network
Settings.

2012 Peplink
WLAN Controller
Add a New AP Profile

2012 Peplink
WLAN Controller
Enter the AP Profile Name
Select the Wireless Networks (SSID) which
defined in the previous step.
Please note that you can enable a maximum
of four wireless networks.

2012 Peplink
WLAN Controller
Connect your AP One devices to the network
containing the Peplink Balance.
Go back to the Dashboard and click the
Change AP Profile button.

2012 Peplink
WLAN Controller
Select the connected/detected AP One devices
to which you would like to assign the AP profile.
Then select the desired AP profile from the
drop-down list.

2012 Peplink
WLAN Controller
Click the Yes button to confirm the change.
The selected AP profile will apply to the listed
AP One devices immediately.

2012 Peplink
Hardware High Availability
Peplink Balance 210/310/380/580/710/1350 support High
Availability via VRRP, Virtual Router Redundancy Protocol:
A pair of Peplink Balance units work together.
Master unit is Active.
Slave unit is on Stand-by.

2012 Peplink
Hardware High Availability
In the event of Active unit fails:
The Stand-by unit becomes Active.
New Active unit re-establishes
Internet connections.
Outage is minimized.

2012 Peplink
 Hardware High Availability
Each unit has their own LAN IP address and use a same Virtual IP.
For non-drop-in mode, the VIP will be the default gateway of LAN hosts
For Drop-in mode, WAN1s default gateway will be the default gateway of
LAN hosts

192.168.1.3

Configuring HA for Slave unit

192.168.1.2

2012 Peplink
LAN Bypass
Available in Peplink Balance 580/710/1350
LAN Bypass is a fault-tolerance feature that protects
you in the event of power outage.
When used with Drop-in Mode, such failure would be
completely transparent to the network.
In the following example,
WAN1 and LAN1 ports are
bridged together when the
power runs out.

2012 Peplink
Bandwidth Usage Monitoring
Show the bandwidth usage statistics
Three periods of statistics: Real-Time, Daily, Monthly
Usage will not be shown
at the time when device
had been switched OFF
Real-Time
Click Show Details to
view the usage of
different WAN or type
of traffic

2012 Peplink
Bandwidth Usage Monitoring
Daily
Detailed usage statistics of
ALL WAN with IP Address
can be shown by clicking
corresponding Date
A selected WAN usage
can be shown in
billing cycle when the
bandwidth allowance monitor
of that WAN is enabled

2012 Peplink
Bandwidth Usage Monitoring
Monthly
Detailed usage statistics of
ALL WAN with IP Address
can be shown by clicking
the first two Month rows
A selected WAN usage
can be shown in
billing cycle when the
bandwidth allowance monitor
of that WAN is enabled

2012 Peplink
Additional Capabilities
E-mail notification:
Send email to user for any WAN up/down event, Site-to-Site
VPN, HA status.

2012 Peplink
Additional Capabilities
Rule-based stateful Firewall:
Support for an unlimited
number of rules.
Drag and drop user interface

2012 Peplink
Additional Capabilities
Reporting Service

2012 Peplink
Contact Support
Detail description of the issue
Network Diagram with detail IP address scheme
Troubleshooting steps that you performed
Diagnostic Report of related units
Remote Assistance of related units
Send email to priority.support@peplink.com

2012 Peplink Proprietary and Confidential

Diagnostic Report
Obtain Diagnostic Report via Status >
Device

2012 Peplink Proprietary and Confidential

Additional Support Information
Support Information Page contains
LAN/WAN Ethernet details
Remote Assistance
Network Capture
Realtime information of WAN Health Check
To access Support Information page,
from the Brower URL, change the link
http://<Peplinks IP>/cgi-bin/MANGA/index.cgi

2012 Peplink Proprietary and Confidential

Additional Support Information
Support Information Page contains
LAN/WAN Ethernet details
Remote Assistance
Network Capture
Realtime information of WAN Health Check
To access Support Information page,
from the Brower URL, change the link
http://<Peplinks IP>/cgi-bin/MANGA/support.cgi

2012 Peplink Proprietary and Confidential

 Questions and Answers

2012 Peplink
Contact Us
Peplink United States Office Peplink South Africa Office
800 West El Camino Real Unit 24, Cambridge Office Park,
Mountain View, CA 94040 5 Bauhinia Street,
United States Highveld, Centurion,
Tel: +1 (866) 463 0129 South Africa
Fax: +1 (866) 625 4664 Tel: +27 12 665 5829
Peplink Hong Kong Office
17/F, Park Building Sales:
476 Castle Peak Road
Cheung Sha Wan http://www.peplink.com/contact/sales/
Hong Kong
Support:
Tel: +852 2990 7600
http://www.peplink.com/contact/support/
Fax: +852 3007 0588
Peplink Italy Office
Via Sismondi 50/3
20133 Milan
Italy
Tel: +39 02 8986 6852
Peplink Saudi Arabia Office
Queens Tower 24th Floor,
Jeddah
Saudi Arabia
Tel: +966 504336952

2012 Peplink