Peplink Balance B30 LTE User Manual Peplink Products: Peplink Balance 30 LTE / Balance 30 LTE / BPL-031-LTE-E-T / Pismo 811AC / Peplink Balance Firmware 7.1.1 April 2019 Table of Contents https://www.peplink.
Introduction and Scope 7 Glossary 8 Product Comparison Chart 10 Product Features Supported Network Features Other Supported Features 11 11 13 Advanced Feature Summary Drop-in Mode and LAN Bypass: Transparent Deployment QoS: Clearer VoIP Per-User Bandwidth Control High Availability via VRRP USB Modem and Android Tethering Built-In Remote User VPN Support LACP NIC Bonding 14 14 15 15 16 17 17 18 Package Contents Peplink Balance 30 LTE 19 19 Peplink Balance Overview Peplink Balance 30 LTE 19 19 I
Network Settings (Common Settings) Port Settings VPN SpeedFusion IPsec VPN Outbound Policy Inbound Access Servers Services DNS Settings SOA Records NS Records MX Records CNAME Records A Records PTR Records TXT Records SRV Records Reverse Lookup Zones SOA Record NS Records CNAME Records PTR Records DNS Record Import Wizard NAT Mappings MediaFast Setting Up MediaFast Content Caching Viewing MediaFast Statistics Prefetch Schedule ContentHub MDM Settings Captive Portal QoS User Groups Bandwidth Control Applicat
Prioritization for Custom Application DSL/Cable Optimization Firewall Access Rules Intrusion Detection and DoS Prevention Content Blocking Application Blocking Web Blocking Customized Domains Exempted User Groups Exempted Subnets URL Logging OSPF & RIPv2 BGP Remote User Access Misc.
Toolbox 139 System Tab System Admin Security Firmware Time Schedule Email Notification Event Log SNMP InControl Configuration Feature Add-ons Reboot Tools Ping Traceroute Wake-on-LAN CLI (Command Line) Support 140 140 140 142 143 144 146 148 149 151 152 153 153 154 154 154 155 155 Status Tab Status Device Active Sessions Client List WINS Clients OSPF & RIPv2 MediaFast SpeedFusion Status Event Log Device Event Log IPsec Event Log Bandwidth Real-Time Hourly Daily Monthly 156 156 156 158 160 161 161 161 1
Harrington Industrial Plastics PLUSS https://www.peplink.
1 Introduction and Scope The Peplink Balance series provides link aggregation and load balancing across up to thirteen WAN connections. The Peplink Balance series offers cost-effective solutions suitable for SOHO/power users and small businesses. The Balance lineup also features a range of advanced enterprise solutions. Peplink enterprise routers are ideal single-box solutions for medium to large business environments, and they allow service providers to enable highly available multi-network services.
2 Glossary The following terms, acronyms, and abbreviations are frequently used in this manual: Term Definition 3G 3rd generation standards for wireless communications (e.g., HSDPA) 4G 4th generation standards for wireless communications (e.g.
VPN Virtual Private Network VRRP Virtual Router Redundancy Protocol WAN Wide Area Network WINS Windows Internet Name Service WLAN Wireless Local Area Network 210+ Refers to Peplink Balance 210/310/380/580/710/1350/2500 380+ Refers to Peplink Balance 380/580/710/1350/2500 https://www.peplink.
3 Product Comparison Chart Click underlined features to reach the relevant portion of the manual. Full product comparison available at: http://www.peplink.com/products/balance/model-comparison https://www.peplink.
4 Product Features Peplink Balance Series products enable all LAN users to share broadband Internet connections and provide advanced features to enhance Internet access. The following is a list of supported features: 4.1 Supported Network Features 4.1.
● ● ● ● ● Built-in L2TP / PPTP VPN server Authenticate L2TP / PPTP clients using RADIUS and LDAP servers Multi-Site PepVPN Profile IPsec VPN for network-to-network connections (works with Cisco and Juniper only) L2TP / PPTP and IPsec passthrough 4.1.4 Inbound Traffic Management ● ● TCP/UDP traffic redirection to dedicated LAN server(s) Inbound link load balancing by means of DNS 4.1.
4.
5 Advanced Feature Summary 5.1 Drop-in Mode and LAN Bypass: Transparent Deployment As your organization grows, it needs more bandwidth. But modifying your network would require effort better spent elsewhere. In Drop-in Mode, you can conveniently install your Peplink router without making any changes to your network. And if the Peplink router loses power for any reason, LAN Bypass will safely and automatically bypass the Peplink router to resume your original network connection. https://www.peplink.
5.2 QoS: Clearer VoIP VoIP and videoconferencing are highly sensitive to latency. With QoS, Peplink routers can detect VoIP traffic and assign it the highest priority, giving you crystal-clear calls. 5.3 Per-User Bandwidth Control https://www.peplink.
With per-user bandwidth control, you can define bandwidth control policies for up to 3 groups of users to prevent network congestion. Define groups by IP address and subnet, and set bandwidth limits for every user in the group. 5.4 High Availability via VRRP When your organization has a corporate requirement demanding the highest availability with no single point of failure, you can deploy two Peplink routers in High Availability mode.
5.5 USB Modem and Android Tethering For increased WAN diversity, plug in a USB LTE modem as backup. Peplink routers are compatible with over 200 modem types. You can also tether to smartphones running Android 4.1.X and above. 5.6 Built-In Remote User VPN Support https://www.peplink.
Use L2TP with IPsec to safely and conveniently connect remote clients to your private network. L2TP with IPsec is supported by most devices, but legacy devices can also connect using PPTP. Click here for full instructions on setting up L2TP with IPsec. 5.7 LACP NIC Bonding Use 802.3ad to combine multiple LAN connections into a virtual LAN connection. This virtual connection has higher throughput and redundancy in case any single link fails. https://www.peplink.
6 Package Contents The contents of Peplink Balance product packages are as follows: 6.1 ● ● ● ● ● Peplink Balance 30 LTE Peplink Balance 30 LTE 4G LTE Antennas Power adapter Information slip Rackmount kit 7 Peplink Balance Overview 7.1 Peplink Balance 30 LTE 7.1.1 Panel Appearance 7.1.2 LED Indicators The statuses indicated by the front panel LEDs are as follows: Power and Status Indicators https://www.peplink.
Power OFF – Power off Green – Power on OFF – Upgrading firmware Status Red – Booting up or busy Blinking red – Boot up error Green – Ready LAN and WAN Ports Green LED Orange LED Port Type ON – 10 / 100 /1000 Mbps Blinking – Data is transferring OFF – No data is being transferred or port is not connected Auto MDI/MDI-X ports USB Port USB Ports For connecting a 4G/3G USB modem https://www.peplink.
8 Installation The following section details connecting the Peplink Balance to your network: 8.
(This is the default LAN IP address of the Peplink Balance.) Enter the following to access the web admin interface. Username: admin Password: admin 3. (This is the default admin user login of the Peplink Balance. The admin and read-only user password can be changed at System>Admin Security.) After successful login, the Dashboard of the web admin interface will be displayed. It looks similar to the following: https://www.peplink.
Important Note The Save button causes the changes to be saved. Configuration changes (e.g., WAN, LAN, admin settings, etc.) take effect after clicking the Apply Changes button on each page’s top-right corner. 9.2 Configuration with the Setup Wizard The Setup Wizard simplifies the task of configuring WAN connection(s) by guiding the configuration process step-by-step. To begin, click Setup Wizard after connecting to the web admin interface. Click Next >> to begin.
Click on the appropriate checkbox(es) to select the WAN connection(s) to be configured. If you have chosen to configure drop-in mode using the Setup Wizard, the WAN port to be configured in drop-in mode will be checked by default. If drop-in mode is going to be configured, the setup wizard will move on to Drop-in Settings. https://www.peplink.
If you are not using drop-in mode, select the connection method for the WAN connection(s) from the following screen: Depending on the selection of connection type, further configuration may be needed. For example, PPPoE and static IP require additional settings for the selected WAN port. Please refer to Section 13, Configuring the WAN Interface(s) for details on setting up DHCP, static IP, and PPPoE. If Mobile Internet Connection is checked, the setup wizard will move on to Operator Settings.
Choose the time zone of your country/region. Check the box Show all to display all time zone options. Check in the following screen to make sure all settings have been configured correctly, and then click Save Settings to confirm. After finishing the last step in the setup wizard, click Apply Changes on the page header to allow the configuration changes to take effect. https://www.peplink.
10 Network Tab 10.1 WAN From Network>WAN, choose a WAN connection by clicking it. You can also enable IPv6 support in this section WAN Connection Settings (Ethernet) Clicking an Ethernet WAN connection will result in the following screen: WAN Connection Settings WAN Connection Name Enable Enter a name to represent this WAN connection. This setting enables the WAN connection. If schedules have been defined, you will be able to select a schedule to apply to the connection. https://www.peplink.
There are three possible connection methods for Ethernet WAN: Connection Method Routing Mode ● ● ● DHCP Static IP PPPoE The connection method and details are determined by, and can be obtained from, the ISP. See the following sections for details on each connection method. DNS server settings can be configured in the corresponding menu for each connection method. This field shows that NAT (network address translation) will be applied to the traffic routed over this WAN connection.
Connection Settings WAN Connection Name Enable Routing Mode Indicate a name you wish to give this WAN connection Click the checkbox to toggle the on and off state of this connection. This option allows you to select the routing method to be used in routing IP frames via the WAN connection. The mode can be either NAT (Network Address Translation) or IP Forwarding. In the case if you need to choose IP Forwarding for your scenario. Click the enable IP Forwarding.
gets disconnected. Each ISP may provide a set of DNS servers for DNS lookups. This setting specifies the DNS (Domain Name System) servers to be used when a DNS lookup is routed through this connection. DNS Servers Selecting Obtain DNS server address automatically results in the DNS servers assigned by the WAN DHCP server being used for outbound DNS lookups over the connection. (The DNS servers are obtained along with the WAN IP address assigned by the DHCP server.
Select Auto to automatically choose an authentication method. Data Roaming Operator Settings This checkbox enables data roaming on this particular SIM card. Please check your service provider’s data roaming policy before proceeding. This setting applies to 3G/EDGE/GPRS modems only. It does not apply to EVDO/EVDO Rev. A modems. This allows you to configure the APN settings of your connection. If Auto is selected, the mobile operator should be detected automatically.
This is the port speed of the WAN connection. It should be set to the same speed as the connected device in case of any port negotiation problems. Port Speed When a static speed is set, you may choose whether to advertise its speed to the peer device or not. Advertise Speed is selected by default. You can choose not to advertise the port speed if the port has difficulty in negotiating with the peer device.
(Optional) provide you with a hostname, you can safely bypass this option. Each ISP may provide a set of DNS servers for DNS lookups. This setting specifies the DNS (Domain Name System) servers to be used when a DNS lookup is routed through this connection. DNS Servers Selecting Obtain DNS server address automatically results in the DNS servers assigned by the WAN DHCP server being used for outbound DNS lookups over the connection.
Health Check Method: PING ICMP ping packets will be issued to test the connectivity with a configurable target IP address or hostname. A WAN connection is considered as up if ping responses are received from either one or both of the ping hosts. PING Hosts This setting specifies IP addresses or hostnames with which connectivity is to be tested via ICMP ping. If Use first two DNS servers as Ping Hosts is checked, the target ping host will be the first DNS server for the corresponding WAN connection.
HTTP connections will be issued to test connectivity with configurable URLs and strings to match. URL1 WAN Settings>WAN Edit>Health Check Settings>URL1 The URL will be retrieved when performing an HTTP health check. When String to Match is left blank, a health check will pass if the HTTP return code is between 200 and 299 (Note: HTTP redirection codes 301 or 302 are treated as failures).
Other Health Check Settings Timeout This setting specifies the timeout in seconds for ping/DNS lookup requests. The default timeout is 5 seconds. Health Check Interval This setting specifies the time interval in seconds between ping or DNS lookup requests. The default health check interval is 5 seconds. Health Check Retries This setting specifies the number of consecutive ping/DNS lookup timeouts after which the Peplink Balance will treat the corresponding WAN connection as down.
Bandwidth Allowance Monitor Settings Bandwidth Allowance Monitor Action Start Day Monthly Allowance If Email Notification is enabled, you will be notified by email when usage hits 75% and 95% of the monthly allowance. If Disconnect when usage hits 100% of monthly allowance is checked, this WAN connection will be disconnected automatically when the usage hits the monthly allowance.
IP Address List IP Address List represents the list of fixed Internet IP addresses assigned by the ISP in the event that more than one Internet IP address is assigned to this WAN connection. Enter the fixed Internet IP addresses and the corresponding subnet mask, and then click the Down Arrow button to populate IP address entries to the IP Address List. Dynamic DNS Settings The Peplink Balance allows registering domain name relationships to dynamic DNS service providers.
Dynamic DNS Settings Service Provider This setting specifies the dynamic DNS service provider to be used for the WAN. Supported providers are: ● changeip.com ● dyndns.org ● no-ip.org ● tzo.com ● DNS-O-Matic ● Others… support custom Dynamic DNS servers by entering its URL. Works with any service compatible with DynDNS API. Select Disabled to disable this feature.
has not been not updated for a long time. Therefore, the Peplink Balance performs an update every 23 days, even if a WAN’s IP address did not change. 10.2 LAN 10.2.1 Network Settings Click the LAN or VLAN you wish to edit or click New LAN to create a new VLAN. When you do so, the following configuration menus will appear: IP Settings IP Address & Subnet Mask Enter the Peplink Balance’s IP address and subnet mask values to be used on the LAN. Network Settings https://www.peplink.
Name VLAN ID Inter-VLAN routing Captive Portal Enter a name for the LAN. Enter a VLAN ID for your LAN. Check this box to enable routing between virtual LANs. Check this box to turn on captive portals. Drop-In Mode Drop-in mode (or transparent bridging mode) eases the installation of the Peplink Balance on a live network between the firewall and router, such that changes to the settings of existing equipment are not required.
support multiple WAN connections after activating drop-in mode, though a SpeedFusion license may be required to activate more than one WAN port. Please note the Drop-In Mode is mutually exclusive with VLAN. Drop-in Mode Settings Enable Drop-in mode eases the installation of the Peplink Balance on a live network between the existing firewall and router, such that no configuration changes are required on existing equipment. Check the box to enable the drop-in mode feature.
AddressA WAN Default Gateway WAN DNS Servers A the WAN (e.g., email notification, remote syslog, etc.) The device will also listen on the IP address when hosts on the WAN access services served on this device (e.g., web admin accesses from WAN, DNS server, etc.) Enter the WAN router's IP address in this field.
10.2.2 Network Settings (Common Settings) For VLAN-enabled configurations, DHCP Server settings are accessible by clicking individual VLAN DHCP Server Settings DHCP Server When this setting is enabled, the Peplink Balance’s DHCP server automatically assigns an IP address to each computer that is connected via LAN and configured to obtain an IP address via DHCP. The Peplink Balance’s DHCP server can prevent IP address collisions on the LAN. DHCP Server Logging Check this box to log DHCP server activity.
may choose to use the built-in WINS server or external WINS servers. When this unit is connected using SpeedFusionTM, other VPN peers can share this unit's built-in WINS server by entering this unit's LAN IP address in their DHCP WINS Servers setting. Therefore, all PC clients in the VPN can resolve the NetBIOS names of other clients in remote peers. If you have enabled this option, a list of WINS clients will be displayed at Status>WINS Clients.
DHCP Option 82 DHCP Relay Logging This feature includes device information as relay agent for the attached client when forwarding DHCP requests from a DHCP client to a DHCP server. Device MAC address and network name are embedded to circuit ID and Remote ID in option 82. Check this box to log DHCP relay activity. Static Route Settings Static Route This table is for defining static routing rules for the LAN segment. A static route consists of the network address, subnet mask, and gateway address.
DNS Proxy Settings Enable To enable the DNS proxy feature, check this box, and then set up the feature at Network>LAN>DNS Proxy Settings. A DNS proxy server can be enabled to serve DNS requests originating from LAN/PPTP/SpeedFusionTM peers. Requests are forwarded to the DNS servers/resolvers defined for each WAN connection. DNS Caching This field is to enable DNS caching on the built-in DNS proxy server.
DNS ResolversA A Check the box to enable the WINS server. A list of WINS clients will be displayed at Network>LAN>DNS Proxy Settings>DNS Resolvers. This field specifies which DNS resolvers will receive forwarded DNS requests. If no WAN/VPN/LAN DNS resolver is selected, all of the WAN’s DNS resolvers will be selected. If a SpeedFusionTM peer is selected, you may enter the VPN peer’s DNS resolver IP address(es). Queries will be forwarded to the selected connections’ resolvers.
10.3 VPN 10.3.1 SpeedFusion Peplink Balance SpeedFusionTM Bandwidth Bonding is our patented technology that enables our SD-WAN routers to bond multiple Internet connections to increase site-to-site bandwidth and reliability. SpeedFusion securely connects one or more branch offices to your company's main headquarters or to other branches. The data, voice, and video communications between these locations are kept confidential across the public Internet.
This table displays all defined profiles. Click the New Profile button to create a new profile for making a VPN connection to a remote unit via available WAN connections. Each pair of VPN connection requires its own profile. The local LAN subnet and subnets behind the LAN (defined under Static Route on the LAN Settings page) will be advertised to the VPN. All VPN members will be able to route to local subnets.
Link Failure Detection The bonded VPN can detect routing failures on the path between two sites over each WAN connection. Failed WAN connections will not be used to route VPN traffic. Health check packets are sent to the remote unit to detect any failure. The more frequently checks are sent, the shorter the detection time, although more bandwidth will be consumed. When Recommended (default) is selected, a health check packet is sent every five seconds, and the expected detection time is 15 seconds.
A list of defined SpeedFusion connection profiles and a Link Failure Detection Time option will be shown. Click the New Profile button to create a new VPN connection profile for making a VPN connection to a remote Peplink Balance via the available WAN connections. Each profile is for making a VPN connection with one remote Peplink Balance. PepVPN Profile Settings Name This field is for specifying a name to represent this profile.
Remote ID / Pre-shared Key This optional field becomes available when Remote ID / Pre-shared Key is selected as the Peplink Balance’s VPN Authentication method, as explained above. Pre-shared Key defines the pre-shared key used for this particular VPN connection. The VPN connection's session key will be further protected by the pre-shared key. The connection will be up only if the pre-shared keys on each side match. When the peer is running firmware 5.0+, this setting will be ignored.
WAN's available bandwidth. Off - Disable WAN Smoothing. Normal - The total bandwidth consumption will be at most 2x of the original data traffic. Medium - The total bandwidth consumption will be at most 3x of the original data traffic. High - The total bandwidth consumption depends on the number of connected active tunnels. A - Advanced feature, please click the button on the top right-hand corner to activate.
problems (e.g.,unplugged cables or ISP problems) cause WAN1 to go down, our IPsec implementation will make use of WAN2 and WAN3 for failover. 10.3.2 IPsec VPN All Peplink products can make multiple IPsec VPN connections with Peplink routers, as well as Cisco and Juniper routers. Note that all LAN subnets and the subnets behind them must be unique. Otherwise, VPN members will not be able to access each other.
https://www.peplink.
IPsec VPN Settings Name This field is for specifying a local name to represent this connection profile. Active When this box is checked, this IPsec VPN connection profile will be enabled. Otherwise, it will be disabled. Connect Upon Disconnection of Check this box and select a WAN to connect to this VPN automatically when the specified WAN is disconnected. To activate this function, click the button next to the “Active” option.
Force UDP Encapsulation For forced UDP encapsulation regardless of NAT-traversal, tick this checkbox. Pre-shared Key This defines the peer authentication pre-shared key used to authenticate this VPN connection. The connection will be up only if the pre-shared keys on each side match. Remote Certificate (pem encoded) Available only when X.509 Certificate is chosen as the Authentication method, this field allows you to paste a valid X.509 certificate.
IPsec Status shows the current connection status of each connection profile and is displayed at Status>IPsec VPN. 10.4 Outbound Policy Outbound policies for managing and load balancing outbound traffic are located at Network>Outbound Policy.
The bottom-most rule is Default. Edit this rule to change the device’s default manner of controlling outbound traffic for all connections that do not match any of the rules above it. Under the Service heading, click Default to change these settings. To rearrange the priority of outbound rules, drag and drop them into the desired sequence. By default, Auto is selected as the Default Rule. You can select Custom to change the algorithm to be used.
New Custom Rule Settings Service Name Enable This setting specifies the name of the outbound traffic rule. This setting specifies whether the outbound traffic rule takes effect. When Enable is checked, the rule takes effect: traffic is matched and actions are taken by the Pepwave router based on the other parameters of the rule. When Enable is unchecked, the rule does not take effect: the Pepwave router disregards the other parameters of the rule.
not supported. NOTE: if a server has one Internet IP address and multiple server names, and if one of the names is defined here, accesses to any one of the server names will also match this rule. Protocol and Port This setting specifies the IP protocol and port of traffic that matches this rule. Algorithm This setting specifies the behavior of the Pepwave router for the custom rule.
To define a new server, click Add Server, which displays the following screen: Enter a valid server name and its corresponding LAN IP address. Upon clicking Save after entering required information, the following screen appears. To define additional servers, click Add Server and repeat the above steps. 10.5.2 Services Services are defined at Network>Inbound Access>Services. Tip At least one server must be defined before services can be added.
Services Settings Enable Service Name IP Protocol This setting specifies whether the inbound service rule takes effect. When Yes is selected, the inbound service rule takes effect. If the inbound traffic matches the specified IP protocol and port, action will be taken by the Peplink Balance based on the other parameters of the rule. When No is selected, the inbound service rule does not take effect. The Peplink Balance will disregard the other parameters of the rule.
For example, if IP Protocol is set to TCP, Port is set to Single Port, and Service Port is set to 80, then TCP traffic received on Port 80 will be forwarded to the configured servers via port 80. Port Range: traffic that is received by the Peplink Balance via the specified protocol at the specified port range is forwarded via the same respective ports to the LAN hosts specified by the Servers setting.
When the options are enabled, a table listing all the forwarded ports under these two protocols can be found at Network>Services>UPnP / NAT-PMP. 10.5.3 DNS Settings The built-in DNS server functionality of the Peplink Balance facilitates inbound load balancing. With this functionality, NS/SOA DNS records for a domain name can be delegated to the Internet IP address(es) of the Peplink Balance.
DNS Servers This setting specifies the WAN IP addresses on which the DNS server of the Peplink Balance should listen. If no addresses are selected, the inbound link load balancing feature will be disabled and the Peplink Balance will not respond to DNS requests.
This page is for defining the domain’s SOA, NS, MX, CNAME, A, TXT, and SRV records. Seven tables are presented in this page for defining the five types of records. https://www.peplink.
10.5.3.1 SOA Records Click on the icon to choose whether to use the pre-defined default SOA record and NS records. If the option Use Default SOA and NS Records is selected, any changes made in the default SOA/NS records will be applied to this domain automatically. Otherwise, select the option Customize SOA Record for this domain to customize this domain's SOA and NS records. This table displays the current SOA record.
● ● ● ● ● ● is registered in the DNS registrar. If this field is entered, a corresponding A record for the name server will be created automatically. If it is left blank, the A record for the name server must be created manually. E-mail: Defines the e-mail address of the person responsible for this zone. Note: format should be mailbox-name.domain.com, e.g., hostmaster.example.com. Refresh: Indicates the length of time (in seconds) when the slave will try to refresh the zone from the master.
10.5.3.3 MX Records The MX Record table shows the domain’s MX records. To add a new MX record, click the New MX Records button in the MX Records box. Then the table will expand to look like the following: When creating an MX record for the domain itself (not a sub-domain), the Host field should be left blank. For each record, Priority and Mail Server name must be entered. Priority typically ranges from 10 to 100. Smaller numbers have a higher a priority.
10.5.3.5 A Records This table shows the A records of the domain name. To add an A record, click the New A Record button. The following screen will appear: A record may be automatically added for the SOA records with a name server IP address provided. A Record Host Name This field specifies the A record of this sub-domain to be served by the Peplink Balance. The wildcard character “*” is supported. The IP addresses of “*.domain.name" will be https://www.peplink.
returned for every name ending with ".domain.name" except names that have their own records. TTL This setting specifies the time to live of this record in external DNS caches. In order to reflect any dynamic changes on the IP addresses in case of link failure and recovery, this value should be set to a smaller value, e.g., 5 secs, 60 secs, etc. Priority This option specifies the priority of different connections.
10.5.3.7 TXT Records This table shows the TXT record of the domain name. To add a new TXT record, click the New TXT Record button in the TXT Records box. Click the Edit button to edit the record. The time-to-live value and the TXT record’s value can be entered. Click the Save button to finish. When creating a TXT record for the domain itself (not a sub-domain), the Host field should be left blank. The maximum size of the TXT Value is 255 bytes.
● ● ● Weight: A relative weight for records with the same priority. Target: The canonical hostname of the machine providing the service. Port: Enter the TCP or UDP port number on which the service is to be found. Reverse Lookup Zones Reverse lookup zones can be configured in Network>Inbound Access>DNS Settings. Reverse lookup refers to performing a DNS query to find one or more DNS names associated with a given IP address.
SOA Record You can click the link Click here to define SOA record to create or click on the Name Server field to edit the SOA record. Name Server: Enter the NS record's FQDN server name here. https://www.peplink.
For example: "ns1.mydomain.com" (equivalent to "www.1stdomain.com.") "ns2.mydomain.com." Email, Refresh, Retry, Expire, Min Time, and TTL are entered in the same way as in the forward zone. Please refer to Section 17.3.5 for details. NS Records The NS record of the name server defined in the SOA record is automatically added here. To create a new NS record, click the New NS Records button.
PTR Records To create a new PTR record, click the New PTR Record button. For Host IP Number field, enter the last integer in the IP address of a PTR record. For example. for the IP address 11.22.33.44, where the reverse lookup zone is 33.22.11.inarpa.addr, the Host IP Number should be 44. The Points To field defines the host name which the PTR record should be pointed to. It must be a FQDN.
● ● ● In the Target DNS Server IP Address field, enter the IP address of the DNS server. In the Transfer via…field, choose the connection which you would like to transfer through. Select Next >> to continue. https://www.peplink.
● ● In the blank space, enter the Domain Names (Zones) which you would like to assign the IP address entered in the previous step. Enter one domain name per line. Select Next >> to continue. Important Note If you have entered domain(s) which already exist in your settings, a warning message will appear. Select Next >> to overwrite the existing record or << Back to go back to the previous step. https://www.peplink.
https://www.peplink.
After the zone records process have been fetched, the fetch results would be shown as above. You can view import details by clicking the corresponding hyperlink on the right-hand side. 10.6 NAT Mappings The Peplink Balance allows the IP address mapping of all inbound and outbound NAT’ed traffic to and from an internal client IP address. NAT mappings can be configured at Network>NAT Mappings. To add a rule for NAT mappings, click Add NAT Rule and the following screen will be displayed: https://www.
NAT Mapping Settings LAN Client(s) NAT Mapping rules can be defined for a single LAN IP Address, an IP Range, or an IP Network. https://www.peplink.
Address This refers to the LAN host’s private IP address. The system maps this address to a number of public IP addresses (specified below) in order to facilitate inbound and outbound traffic. This option is only available when IP Address is selected. Range The IP range is a contiguous group of private IP addresses used by the LAN host. The system maps these addresses to a number of public IP addresses (specified below) to facilitate outbound traffic.
10.7 MediaFast MediaFast settings can be configured by navigating to Network > MediaFast. Setting Up MediaFast Content Caching To access MediaFast content caching settings, select Network > MediaFast. MediaFast Enable Domains / IP Addresses Click the checkbox to enable MediaFast content caching. Choose to Cache on all domains, or enter domain names and then choose either Whitelist (cache the specified domains only) or Blacklist (do not cache the specified domains). https://www.peplink.
The Secure Content Caching menu operates identically to the MediaFast menu, except it is for secure contenting accessible through https://. Cache Control Content Type Check these boxes to cache the listed content types or leave boxes unchecked to disable caching for the listed types. Cache Lifetime Settings Enter a file extension, such as JPG or DOC. Then enter a lifetime in days to specify how long files with that extension will be cached. Add or delete entries using the controls on the right.
10.7.1 Prefetch Schedule Content prefetching allows you to download content on a schedule that you define, which can help to preserve network bandwidth during busy times and keep costs down. To access MediaFast content prefetching settings, select Network > MediaFast > Prefetch Schedule. https://www.peplink.
Prefetch Schedule Settings Name This field displays the name given to the scheduled download. Status Check the status of your scheduled download here. Next Run Time/Last Run Time These fields display the date and time of the next and most recent occurrences of the scheduled download. Last Duration Check this field to ensure that the most recent download took as long as expected to complete.
Simply provide the requested information to create your schedule. Clear Web Cache Clear Statistics Click to clear all cached contentn. Note that this action cannot be undone. Click to clear all prefetch and status page statistics. 10.8 ContentHub Integrated into MediaFast-enabled routers, ContentHub allows you to deliver webpages and applications using the cache. To access ContentHub, navigate to Network > ContentHub: Check the Enable box.
The Active checkbox toggles the activation of the website/application. This will be useful when there are multiple applications being delivered. For type, you can select either Website or Application: Selecting Website: Domain/Path Both domain and path must be specified for website type. Source Enter the FTP server you will be downloading the content from. Enter your credentials under Username and Password.
Bandwidth Limit This field determines the amount of bandwidth dedicated to this application. 10.9 MDM Settings In addition to performing content caching, MediaFast-enabled routers can also serve as an MDM, administrating to client devices. To access MDM Settings, navigate to Network > MDM Settings: MDM Settings Enable Account Settings Click this checkbox to enable MDM on your router. Click Follow Web Admin Account to allow client devices to use the built-in administrator account when performing MDM.
Captive Portal Settings Enable Hostname Access Mode Check Enable and then, optionally, select the LANs/VLANs that will use the captive portal. To customize the portal’s form submission and redirection URL, enter a new URL in this field. To reset the URL to factory settings, click Default. Click Open Access to allow clients to freely access your router. Click User Authentication to force your clients to authenticate before accessing your router. This authenticates your clients through a RADIUS server.
Fill in the necessary information to complete your connection to the server and enable authentication. Access Quota Quota Reset Time Allowed Networks Set a time and data cap to each user’s Internet usage. This menu determines how your usage quota resets. Setting it to Daily will reset it at a specified time every day. Setting a number of minutes after quota reached establish a timer for each user that begins after the quota has been reached.
The Portal Customization menu has two options: and . Clicking will result in a pop-up previewing the captive portal that your clients will see. Clicking will result in the appearance of following menu: Portal Customization Logo Image Click the Choose File button to select an logo to use for the built-in portal. Message If you have any additional messages for your users, enter them in this field. Terms & Conditions If you would like to use your own set of terms and conditions, please enter them here.
Custom Landing Page Fill in this field to redirect clients to an external URL. 10.11 QoS 10.11.1 User Groups LAN and PPTP clients can be categorized into three user groups - Manager, Staff, and Guest. This menu allows you to define rules and assign client IP addresses or subnets to a user group. You can apply different bandwidth and traffic prioritization policies on each user group in the Bandwidth Control and Application sections.
10.11.2 Bandwidth Control This section is to define how much minimum bandwidth will be reserved to each user group when a WAN connection is in full load. When this feature is enabled, a slider with two indicators will be shown. You can move the indicators to adjust each group's weighting. The lower part of the table shows the corresponding reserved download and uploads bandwidth value of each connection. By default, 50% of bandwidth has been reserved for Manager, 30% for Staff, and 20% for Guest.
Prioritization for Custom Application Click the Add button to define a custom application. Click the button in the Action column to delete the custom application in the corresponding row. When Supported Applications is selected, the Peplink Balance will inspect network traffic and prioritize the selected applications. Alternatively, you can select Custom Applications and define the application by providing the protocol, scope, port number, and DSCP value.
DSL/Cable Optimization DSL/cable-based WAN connections have lower upload bandwidth and higher download bandwidth. When a DSL/cable circuit's uplink is congested, the download bandwidth will be affected. Users will not be able to download data at full speed until the uplink becomes less congested. DSL/Cable Optimization can relieve such an issue. When it is enabled, the download speed will become less affected by the upload traffic. By default, this feature is enabled. 10.
The inbound firewall settings are located at Network>Firewall>Access Rules. Click Add Rule to display the following window: Inbound / Outbound Firewall Settings Rule Name This setting specifies a name for the firewall rule. https://www.peplink.
Enable This setting specifies whether the firewall rule should take effect. If the box is checked, the firewall rule takes effect. If the traffic matches the specified protocol/IP/port, actions will be taken by Peplink Balance based on the other parameters of the rule. If the box is not checked, the firewall rule does not take effect. The Peplink Balance will disregard the other parameters of the rule. Click the dropdown menu next to the checkbox to place this firewall rule on a time schedule.
