Pepwave MAX User Manual Pepwave Products: MAX BR1 Mini Pepwave Firmware 8.0.1 February 2020 Copyright & Trademarks Specifications are subject to change without notice. Copyright © 2019 Pepwave Ltd. All Rights Reserved. Pepwave and the Pepwave logo are trademarks of Pepwave Ltd. Other brands or products mentioned may be trademarks or registered trademarks of their respective owners.
Table of Contents Introduction and Scope 7 Glossary 8 Product Features Supported Network Features WAN LAN VPN Firewall Captive Portal Outbound Policy AP Controller QoS Other Supported Features 9 9 9 10 10 10 10 10 11 11 11 Pepwave MAX Mobile Router Overview MAX BR1 Mini 13 13 Advanced Feature Summary Drop-in Mode and LAN Bypass: Transparent Deployment QoS: Clearer VoIP Per-User Bandwidth Control High Availability via VRRP USB Modem and Android Tethering Built-In Remote User VPN Support SIM-card USSD
Configuring the LAN Interface(s) Basic Settings Port Settings Captive Portal 26 26 35 35 Configuring the WAN Interface(s) Ethernet WAN DHCP Connection Static IP Connection PPPoE Connection L2TP Connection Cellular WAN Wi-Fi WAN Creating Wi-Fi Connection Profiles WAN Health Check Dynamic DNS Settings 38 39 42 43 43 45 46 53 59 60 62 Advanced Wi-Fi Settings 64 ContentHub Configuration ContentHub Configuring the ContentHub Configure a website to be published from the ContentHub Configure an application t
Algorithm: Enforced Algorithm: Priority Algorithm: Overflow Algorithm: Least Used Algorithm: Lowest Latency Expert Mode 94 95 95 96 96 97 Inbound Access Port Forwarding Service UPnP / NAT-PMP Settings 97 97 99 NAT Mappings 100 QoS User Groups Bandwidth Control Application Application Prioritization Prioritization for Custom Applications DSL/Cable Optimization 101 101 102 103 103 103 104 Firewall Outbound and Inbound Firewall Rules Access Rules Apply Firewall Rules to PepVpn Traffic Intrusion Detecti
Miscellaneous Settings High Availability Certificate Manager Service Forwarding SMTP Forwarding Web Proxy Forwarding DNS Forwarding Custom Service Forwarding Service Passthrough UART GPS Forwarding Ignition Sensing Ignition Sensing installation GPIO Menu Grouped Networks SIM Toolkit 120 120 123 124 124 125 126 126 126 128 130 130 131 132 134 134 AP - access point AP Controller Wireless SSID Settings 137 137 137 141 AP Controller Status Info Access Point (Usage) Wireless SSID Wireless Client Nearby Devic
Event Log SNMP InControl Configuration Feature Add-ons Reboot 163 164 166 167 168 168 Tools Ping Traceroute Test PepVPN Test Wake-on-LAN CLI (Command Line Interface Support) 168 168 169 170 170 171 Status Device GPS Data Active Sessions Client List WINS Client UPnP / NAT-PMP OSPF & RIPv2 BGP SpeedFusion Status Event Log WAN Quality Usage Reports Real-Time Hourly Daily Monthly 172 172 173 174 175 176 176 177 177 177 179 181 181 183 183 184 185 Appendix B: Declaration 189 https://www.peplink.
1 Introduction and Scope Pepwave routers provide link aggregation and load balancing across multiple WAN connections, allowing a combination of technologies like 3G HSDPA, EVDO, 4G LTE, Wi-Fi, external WiMAX dongle, and satellite to be utilized to connect to the Internet. The MAX wireless SD-WAN router series has a wide range of products suitable for many different deployments and markets. Entry level SD-WAN models such as the MAX BR1 are suitable for SMEs or branch offices.
Glossary The following terms, acronyms, and abbreviations are frequently used in this manual: Term Definition 3G 3rd generation standards for wireless communications (e.g., HSDPA) 4G 4th generation standards for wireless communications (e.g.
2 WAN Wide Area Network WINS Windows Internet Name Service WLAN Wireless Local Area Network Product Features Pepwave routers enable all LAN users to share broadband Internet connections, and they provide advanced features to enhance Internet access. Our Max BR wireless routers support multiple SIM cards. They can be configured to switch from using one SIM card to another SIM card according to different criteria, including wireless network reliability and data usage.
2.1.2 LAN Wi-Fi AP Ethernet LAN ports DHCP server on LAN Extended DHCP option support Static routing rules VLAN on LAN support 2.1.3 VPN PepVPN with SpeedFusionTM PepVPN performance analyzer X.
service Traffic prioritization and DSL optimization Prioritize and route traffic to VPN tunnels with Priority and Enforced algorithms 2.1.7 AP Controller Configure and manage Pepwave AP devices Review the status of connected APs 2.1.8 QoS Quality of service for different applications and custom protocols User group classification for different service levels Bandwidth usage control and monitoring on group- and user-level Application prioritization for custom protocols and DSL/cable optimization 2.
IPv6 support Support USB tethering on Android 2.2+ phones * Not supported on MAX Surf-On-The-Go, and BR1 variants https://www.peplink.
3 Pepwave MAX Mobile Router Overview 3.1 MAX BR1 Mini 3.1.1 Panel Appearance 3.1.2 LED Indicators Status Indicators Status https://www.peplink.
Cellular Indicators Cellular OFF Disabled or no SIM card inserted ON Connecting or connected to network(s) LAN and Ethernet WAN Ports Green LED Orange LED Port Type https://www.peplink.
3.1.3 Datasheet https://www.peplink.
https://www.peplink.
4 Advanced Feature Summary 4.1 Drop-in Mode and LAN Bypass: Transparent Deployment As your organization grows, it needs more bandwidth. But modifying your network would require effort better spent elsewhere. In Drop-in Mode, you can conveniently install your Peplink router without making any changes to your network. And if the Peplink router loses power for any reason, LAN Bypass will safely and automatically bypass the Peplink router to resume your original network connection.
4.3 Per-User Bandwidth Control With per-user bandwidth control, you can define bandwidth control policies for up to 3 groups of users to prevent network congestion. Define groups by IP address and subnet, and set bandwidth limits for every user in the group. 4.4 High Availability via VRRP When your organization has a corporate requirement demanding the highest availability with no single point of failure, you can deploy two Peplink routers in High Availability mode.
4.5 USB Modem and Android Tethering For increased WAN diversity, plug in a USB LTE modem as a backup. Peplink routers are compatible with over 200 modem types. You can also tether to smartphones running Android 4.1.X and above. Compatible with: MAX 700, HD2 (all variants except IP67), HD4 (All variants) 4.6 Built-In Remote User VPN Support Use OpenVPN or L2TP with IPsec to safely and conveniently connect remote clients to your private network.
4.7 SIM-card USSD support Cellular-enabled routers can now use USSD to check their SIM cards balance, process prepaid cards, and configure carrier-specific services. Click here for full instructions on using USSD. https://www.peplink.
5 Installation The following section details connecting Pepwave routers to your network. 5.
The following figure schematically illustrates the resulting configuration: 5.3 Configuring the Network Environment To ensure that the Pepwave router works properly in the LAN environment and can access the Internet via WAN connections, please refer to the following setup procedures: LAN configuration For basic configuration, refer to Section 8, Connecting to the Web Admin Interface. For advanced configuration, go to Section 9, Configuring the LAN Interface(s).
6 Mounting the Unit 6.1 Wall Mount The Pepwave MAX BR1 Mini requires four screws for wall mounting. Recommended screw specification: M3.5 x 20mm, head diameter 6mm, head thickness 2.4mm. https://www.peplink.
7 Connecting to the Web Admin Interface 1. Start a web browser on a computer that is connected with the Pepwave router through the LAN. To connect to the routers web admin interface, enter the following LAN IP address in the address field of the web browser: http://192.168.50.1 (This is the default LAN IP address for Pepwave routers.) 2. 3. Enter the following to access the web admin interface. Username: admin Password: admin (This is the default username and password for Pepwave routers).
After successful login, the Dashboard of the web admin interface will be displayed. The Dashboard shows current WAN, LAN, and Wi-Fi AP statuses. Here, you can change WAN connection priority and switch on/off the Wi-Fi AP. For further information on setting up these connections, please refer to Sections 8 and 9. Device Information displays details about the device, including model name, firmware version, and uptime. For further information, please refer to Section 22.
8 Configuring the LAN Interface(s) 8.1 Basic Settings LAN interface settings are located at Network>LAN>Network Settings. Navigating to that page will show the following dashboard: This represents the LAN interfaces that are active on your router (including VLAN). A grey X means that the VLAN is used in other settings and cannot be deleted. You can find which settings are using the VLAN by hovering over the grey X. Alternatively, a red X means that there are no settings using the VLAN.
Network Settings Name VLAN ID Inter-VLAN routing Enter a name for the LAN. Enter a number for your VLAN. Check this box to enable routing between virtual LANs. Layer 2 PepVPN Bridging The remote network of the selected PepVPN profiles will be bridged with this local PepVPN Profiles LAN, creating a Layer 2 PepVPN, they will be connected and operate like a single to Bridge LAN, and any broadcast or multicast packets will be sent over the VPN.
connected act as a router, and most Layer 3 routing functions will cease to work. Click on the question Mark if you want to enable DHCP Option 82. DHCP Option 82 This allows the device to inject Option 82 with Router Name information before forwarding the DHCP Request packet to a PepVPN peer, such that the DHCP Server can identify where the request originates from.
WINS Server setting. Afterward, all PC clients in the VPN can resolve the NetBIOS names of other clients in remote peers. If you have enabled this option, a list of WINS clients will be displayed at Status>WINS Clients. BOOTP Extended DHCP Option DHCP Reservation Check this box to enable BOOTP on older networks that still require it. In addition to standard DHCP options (e.g.
Static Route Settings Static Route This table is for defining static routing rules for the LAN segment. A static route consists of the network address, subnet mask, and gateway address. The address and subnet mask values are in w.x.y.z format. The local LAN subnet and subnets behind the LAN will be advertised to the VPN. Remote routes sent over the VPN will also be accepted. Any VPN member will be able to route to the local subnets. Press to create a new route. Press to remove a route.
DNS Proxy Settings Enable To enable the DNS proxy feature, check this box, and then set up the feature at Network>LAN>DNS Proxy Settings. A DNS proxy server can be enabled to serve DNS requests originating from LAN/PPTP/SpeedFusionTM peers. Requests are forwarded to the DNS servers/resolvers defined for each WAN connection. DNS Caching This field is to enable DNS caching on the built-in DNS proxy server.
resolver IP address(es). Queries will be forwarded to the selected connections resolvers. If all of the selected connections are down, queries will be forwarded to all resolvers on healthy WAN connections. A - Advanced feature, please click the button on the top right hand corner to activate. Finally, if needed, configure Bonjour forwarding, Apples zero configuration networking protocol. Once VLAN configuration is complete, click Save to store your changes.
IP Address & Subnet Mask Enter the Pepwave routers IP address and subnet mask values to be used on the LAN. Network Settings Name VLAN ID Inter-VLAN routing Captive Portal Enter a name for the LAN. Enter a number for the LAN. Check this box to enable routing between virtual LANs. Check this box to turn on captive portals.
IP Range & Subnet Mask These settings allocate a range of IP addresses that will be assigned to LAN computers by the Pepwave routers DHCP server. Lease Time This setting specifies the length of time throughout which an IP address of a DHCP client remains valid. Upon expiration of Lease Time, the assigned IP address will no longer be valid and the IP address assignment must be renewed. DNS Servers This option allows you to input the DNS server addresses to be offered to DHCP clients.
DHCP Relay Settings Enable Check this box to turn on DHCP relay. Click the icon to disable DHCP relay. Enter the IP addresses of one or two DHCP servers in the provided fields. The DHCP Server IP DHCP servers entered here will receive relayed DHCP requests from the LAN. For active-passive DHCP server configurations, enter active and passive DHCP server Address relay IP addresses in DHCP Server 1 and DHCP Server 2.
Captive Portal Settings Enable Check Enable and then, optionally, select the LANs/VLANs that will use the captive portal. Hostname To customize the portals form submission and redirection URL, enter a new URL in this field. To reset the URL to factory settings, click Default. Access Mode Click Open Access to allow clients to freely access your router. Click User Authentication to force your clients to authenticate before accessing your router. This authenticates your clients through a RADIUS server.
Fill in the necessary information to complete your connection to the server and enable authentication. Access Quota Set a time and data cap to each users Internet usage. Quota Reset Time This menu determines how your usage quota resets. Setting it to Daily will reset it at a specified time every day. Setting a number of minutes after quota reached establish a timer for each user that begins after the quota has been reached.
Portal Customization Logo Image Message Terms & Conditions Custom Landing Page 9 Click the Choose File button to select a logo to use for the built-in portal. If you have any additional messages for your users, enter them in this field. If you would like to use your own set of terms and conditions, please enter them here. If left empty, the built-in portal will display the default terms and conditions. Fill in this field to redirect clients to an external URL.
To able a particular WAN connection, drag on the appropriate WAN by holding the left mouse button, move it the Disabled row, and drop it by releasing the mouse button. You can also set priorities on the Dashboard. Click the Details button in the corresponding row to modify the connection setting. Important Note Connection details will be changed and become effective immediately after clicking the Save and Apply button. 9.
PING - ICMP PING packets will be issued to test connectivity with configurable target IP addresses or host names. DNS Lookup - DNS lookups will be issued to test the connectivity with configurable target DNS server IP addresses. HTTP - HTTP connections will be issued to test the connectivity with configurable URLs and strings to match. Default: DNS Lookup These fields are for specifying the target IP addresses or host names where ICMP Ping packets will be sent to for health check.
Allowance Monitor connection for each billing cycle. When this option is not enabled, bandwidth usage of each month is still being tracked but no action will be taken. If Email Notification is enabled, you will receive an email notification when usage hits 75% and 95% of the monthly allowance. Action Start Day Monthly Allowance If the box Disconnect when usage hits 100% of monthly allowance is checked, this WAN connection will be disconnected automatically when the usage hits the monthly allowance.
9.1.1 DHCP Connection There are four possible connection methods: 1. DHCP 2. Static IP 3. PPPoE 4. L2TP The DHCP connection method is suitable if the ISP provides an IP address automatically using DHCP (e.g., satellite modem, WiMAX modem, cable, Metro Ethernet, etc.). DHCP Connection Settings Routing Mode IP Address/ Subnet Mask/ Default Gateway NAT allows substituting the real address in a packet with a mapped address that is routable on the destination network.
9.1.2 Static IP Connection The static IP connection method is suitable if your ISP provides a static IP address to connect directly. Static IP Settings Routing Mode NAT allows substituting the real address in a packet with a mapped address that is routable on the destination network. By clicking the help icon in this field, you can display the IP Forwarding option, if your network requires it.
PPPoE Settings Routing Mode IP Address / Subnet Mask / Default Gateway PPPoE Username / Password Confirm PPPoE Password NAT allows substituting the real address in a packet with a mapped address that is routable on the destination network. By clicking the help icon in this field, you can display the IP Forwarding option, if your network requires it. This information is obtained from the ISP automatically. Enter the required information in these fields in order to connect via PPPoE to the ISP.
9.1.4 L2TP Connection L2TP has all the compatibility and convenience of PPTP with greater security. Combine this with IPsec for a good balance between ease of use and security. L2TP Settings L2TP Username / Password Enter the required information in these fields in order to connect via L2TP to your ISP. The parameter values are determined by and can be obtained from your ISP. Confirm L2TP Password Verify your password by entering it again in this field.
custom DNS server addresses for this WAN connection into the DNS server 1 and DNS server 2 fields. 9.2 Cellular WAN To access cellular WAN settings, click Network>WAN>Details. Cellular Status IMSI This is the International Mobile Subscriber Identity which uniquely identifies the SIM card. This is applicable to 3G modems only. MEID Some Pepwave routers support both HSPA and EV-DO.
Connection Settings WAN Connection Name Enable Routing Mode Indicate a name you wish to give this WAN connection Click the checkbox to toggle the on and off state of this connection. This option allows you to select the routing method to be used in routing IP frames via the WAN connection. The mode can be either NAT (Network Address Translation) or IP Forwarding. In the case if you need to choose IP Forwarding for your scenario. Click the to enable IP Forwarding.
connected. Independent from Backup WANs If this is checked, the connection will be working independent from other Backup WAN connections. Those in Backup Priority will ignore the status of this WAN connection, and will be used when none of the other higher priority connections are available. If this is checked, the connection will disconnect when idle after the configured Time Idle Disconnect value. This option is disabled by default. Each ISP may provide a set of DNS servers for DNS lookups.
Cellular Settings SIM Card Indicate which SIM card this cellular WAN will use. Only applies to cellular WAN with redundant SIM cards. Preferred SIM Card If both cards were enabled on the above field, then you can designate the priority of the SIM card slots here. LTE/3G This drop-down menu allows restricting cellular to particular band. Click the to enable the selection of specific bands.
bands (frequencies) . When set to Manual, you can manually select the bands (frequencies) the SIM will connect to. Data Roaming This checkbox enables data roaming on this particular SIM card. When data roaming is enabled this option allows you to select in which countries the SIM has a data connection. The option is configured by using MMC (country) codes.Please check your service providers data roaming policy before proceeding.
To define the threshold manually using specific signal strength values, please click on the question Mark and the following field will be visible. General Settings Independent from Backup WANs If this is checked, the connection will be working independent from other Backup WAN connections. Those in Backup Priority will ignore the status of this WAN connection, and will be used when none of the other higher priority connections are available.
Health Check Settings Health Check Method This setting allows you to specify the health check method for the cellular connection. Available options are Disabled, Ping, DNS Lookup, HTTP, and SmartCheck. The default method is DNS Lookup. See Section 10.4 for configuration details. Timeout If a health check test cannot be completed within the specified amount of time, the test will be treated as failed. Health Check Interval This is the time interval between each health check test.
9.3 Wi-Fi WAN To access Wi-Fi WAN settings, click Network>WAN>Details. WAN Connection Settings WAN Connection Enter a name to represent this WAN connection. Name Operating Schedule Click the drop-down menu to apply a time schedule to this interface. If this is checked, the connection will be working independent from other Backup Independent from WAN connections.
Wi-Fi WAN Settings Channel Width Select the channel width for this Wi-Fi WAN. 20MHz will have greater support for older devices using 2.4Ghz, while 40MHz is appropriate for networks with newer devices that connect using 5Ghz Determine whether the channel will be automatically selected.
Bandwidth Allowance Monitor Action Start Day Monthly Allowance If Error! Reference source not found. is enabled, you will be notified by email when usage hits 75% and 95% of the monthly allowance. If Disconnect when usage hits 100% of monthly allowance is checked, this WAN connection will be disconnected automatically when the usage hits the monthly allowance. It will not resume connection unless this option has been turned off or the usage has been reset when a new billing cycle starts.
When Disabled is chosen in the Method field, the WAN connection will always be considered as up. The connection will NOT be treated as down in the event of IP routing errors. Health Check Method: PING ICMP ping packets will be issued to test the connectivity with a configurable target IP address or hostname. A WAN connection is considered as up if ping responses are received from either one or both of the ping hosts.
HTTP connections will be issued to test connectivity with configurable URLs and strings to match. URL1 WAN Settings>WAN Edit>Health Check Settings>URL1 The URL will be retrieved when performing an HTTP health check. When String to Match is left blank, a health check will pass if the HTTP return code is between 200 and 299 (Note: HTTP redirection codes 301 or 302 are treated as failures).
Dynamic DNS Settings Service Provider User ID / User / Email This setting specifies the dynamic DNS service provider to be used for the WAN. Supported providers are: changeip.com dyndns.org no-ip.org tzo.com DNS-O-Matic Select Disabled to disable this feature. This setting specifies the registered user name for the dynamic DNS service. Password / Pass / TZO Key This setting specifies the password for the dynamic DNS service. Update All Hosts Check this box to automatically update all hosts.
9.3.1 Creating Wi-Fi Connection Profiles You can manually create a profile to connect to a Wi-Fi connection. This is useful for creating a profile for connecting to hidden-SSID access points. Click Network>WAN>Details>Create Profile to get started. This will open a window similar to the one shown below Wi-Fi Connection Profile Settings Type Network Name (SSID) Security https://www.peplink.com Select whether the network will connect automatically or manually.
9.4 WAN Health Check To ensure traffic is routed to healthy WAN connections only, the Pepwave router can periodically check the health of each WAN connection. The health check settings for each WAN connection can be independently configured via Network>WAN>Details. Health Check Settings Method This setting specifies the health check method for the WAN connection. This value can be configured as Disabled, PING, DNS Lookup, or HTTP. The default method is DNS Lookup.
Health Check DNS Servers This field allows you to specify two DNS hosts IP addresses with which connectivity is to be tested via DNS lookup. If Use first two DNS servers as Health Check DNS Servers is checked, the first two DNS servers will be the DNS lookup targets for checking a connection's health. If the box is not checked, Host 1 must be filled, while a value for Host 2 is optional.
Other Health Check Settings Timeout This setting specifies the timeout in seconds for ping/DNS lookup requests. The default timeout is 5 seconds. Health Check Interval This setting specifies the time interval in seconds between ping or DNS lookup requests. The default health check interval is 5 seconds. Health Check Retries This setting specifies the number of consecutive ping/DNS lookup timeouts after which the Pepwave router will treat the corresponding WAN connection as down.
The settings for dynamic DNS service provider(s) and the association of hostname(s) are configured via Network>WAN>Details>Dynamic DNS Service Provider/Dynamic DNS Settings. Dynamic DNS Settings Dynamic DNS This setting specifies the dynamic DNS service provider to be used for the WAN based on supported dynamic DNS service providers: changeip.com dyndns.org no-ip.org tzo.com DNS-O-Matic Others Support custom Dynamic DNS servers by entering its URL. Works with any service compatible with DynDNS API.
10 Advanced Wi-Fi Settings Wi-Fi settings can be configured at Advanced>Wi-Fi Settings (or AP>Settings on some models). Note that menus displayed can vary by model. AP Settings SSID You can select the wireless networks for 2.4 GHz or 5 GHz separately for each SSID. Operating Country This drop-down menu specifies the national/regional regulations which the WiFi radio should follow.
AP Settings (part 2) Protocol This option allows you to specify whether 802.11b and/or 802.11g client association requests will be accepted. Available options are 802.11ng and 802.11na. By default, 802.11ng is selected. Channel Width Available options are 20 MHz, 40 MHz, and Auto (20/40 MHz) . Default is Auto (20/40 MHz), which allows both widths to be used simultaneously. Channel This option allows you to select which 802.11 RF channel will be utilized. Channel 1 (2.412 GHz) is selected by default.
Advanced AP Settings This field specifies the VLAN ID to tag to management traffic, such as communication traffic between the AP and the AP Controller. The value is zero Management VLAN by default, which means that no VLAN tagging will be applied. ID NOTE: Change this value with caution as alterations may result in loss of connection to the AP Controller. Operating Schedule Choose from the schedules that you have defined in System>Schedule.
Slot Time A This field is for specifying the unit wait time before transmitting a packet. By default, this field is set to 9 s. ACK Timeout A This field is for setting the wait time to receive an acknowledgement packet before performing a retransmission. By default, this field is set to 48 s. Frame Aggregation This option allows you to enable frame aggregation to increase transmission A A throughput. - Advanced feature, please click the https://www.peplink.
Web Administration Settings Enable Web Access Protocol Ticking this box enables web admin access for APs located on the WAN. Determines whether the web admin portal can be accessed through HTTP or HTTPS Management Port Determines the port at which the management UI can be accessed. Admin Username Determines the username to be used for logging into the web admin portal Admin Password Determines the password for the web admin portal on external AP.
11 ContentHub Configuration 11.1 ContentHub ContentHub allows you to deliver webpages and applications to users connected to the SSID using the local storage on your router like the Max HD2/HD4 with Mediafast, which can store up to 8GB of media. Users will be able to access news, articles, videos, and access your web app, without the need for internet access. The ContentHub can be used to provide infotainment to connected users on transport. 11.
11.3 Configure a website to be published from the ContentHub This option allows you to sync a website to the Peplink router, this website will then be published with the specified domain from the router itself and makes the content available to the client via the HTTP/HTTPS protocol. Only FTP sync is supported for this type of ContentHub content. The content should be uploaded to an FTP server before.
content. Method Only applicable for application: Choose between sync or file upload Bandwidth Limit Used to limit the bandwidth for each client to access the web server. Click Save & Apply Now to activate the changes. Below is a screenshot after configuration: The content will be sync based on the Period that is configured before. If you want to trigger the sync manually, you can click . The Status column shows the sync progress.
First install the desired framework in Package Manager as below: After installing the framework, you can select the type to Application and configure the website: https://www.peplink.
The setting is same as Website type and you can refer to the description in the above section For the Application type, you need to pack your application as below: 1. Implement two bash script files, start.sh and stop.sh in root folder, to start and stop your application. the Mediafast router will only execute start.sh and stop.sh when the corresponding website is enabled and disabled respectively. 2. Compress your application files and the bash script to .tar.gz format. 3.
MediaFast Enable Domains / IP Addresses Source IP Subnet Click the checkbox to enable MediaFast content caching. Choose to Cache on all domains, or enter domain names and then choose either Whitelist (cache the specified domains only) or Blacklist (do not cache the specified domains). This setting allows caching to be enabled on custom subnets only. If "Any" is selected, then caching will apply to all subnets.
*See https://forum.peplink.com/t/certificate-installation-for-mediafast-https-caching/ Cache Control Content Type Check these boxes to cache the listed content types or leave boxes unchecked to disable caching for the listed types. Cache Lifetime Settings Enter a file extension, such as JPG or DOC. Then enter a lifetime in days to specify how long files with that extension will be cached. Add or delete entries using the controls on the right. 12.
Name This field displays the name given to the scheduled download. Status Check the status of your scheduled download here. Next Run Time/Last Run Time These fields display the date and time of the next and most recent occurrences of the scheduled download. Last Duration Check this field to ensure that the most recent download took as long as expected to complete.
12.3 Viewing MediaFast Statistics To get details on storage and bandwidth usage, select Status>MediaFast. https://www.peplink.
13 Bandwidth Bonding SpeedFusionTM / PepVPN Pepwave bandwidth bonding SpeedFusionTM is our patented technology that enables our SDWAN routers to bond multiple Internet connections to increase site-to-site bandwidth and reliability. SpeedFusion functionality securely connects your Pepwave router to another Pepwave or Peplink device (Peplink Balance 210/310/380/580/710/1350 only). Data, voice, or video communications between these locations are kept confidential across the public Internet.
The local LAN subnet and subnets behind the LAN (defined under Static Route on the LAN settings page) will be advertised to the VPN. All VPN members (branch offices and headquarters) will be able to route to local subnets. Note that all LAN subnets and the subnets behind them must be unique. Otherwise, VPN members will not be able to access each other. All data can be routed over the VPN using the 256-bit AES encryption standard.
PepVPN Profile Settings Name This field is for specifying a name to represent this profile. The name can be any combination of alphanumeric characters (0-9, A-Z, a-z), underscores (_), dashes (-), and/or non-leading/trailing spaces ( ). Active When this box is checked, this VPN connection profile will be enabled. Otherwise, it will be disabled. Encryption By default, VPN traffic is encrypted with 256-bit AES. If Off is selected on both sides of a VPN connection, no encryption will be applied.
ID/Remote Certificate Balances VPN authentication method, as explained above. To authenticate VPN connections using X.509 certificates, copy and paste certificate details into these fields. To get more information on a listed X.509 certificate, click the Show Details link below the field. Allow Shared Remote ID When this option is enabled, the router will allow multiple peers to run using the same remote ID.
Settings>*LAN Profile Name* and refer to instructions in section 9.1 8.41 WAN Connection Priority If your device supports it, you can specify the priority of WAN connections to be used for making VPN connections. WAN connections set to OFF will never be used. WAN Connection Only available WAN connections with the highest priority will be used. Priority To enable asymmetric connections, connection mapping to remote WANs, cut-off latency, and packet loss suspension time, click the button.
Outbound Policy/PepVPN Outbound Custom Rules Some models allow you to set outbound policy and custom outbound rules from Advanced>PepVPN. See Section 14 for more information on outbound policy settings. PepVPN Local ID The local ID is a text string to identify this local unit when establishing a VPN connection. When creating a profile on a remote unit, this local ID must be entered in the remote unit's Remote ID field. Click the icon to edit Local ID.
When Faster is selected, a health check packet is sent every second, and the expected detection time is two seconds. When Extreme is selected, a health check packet is sent every 0.1 second, and the expected detection time is less than one second. A - Advanced feature, please click the button on the top right-hand corner to activate. Important Note Peplink proprietary SpeedFusionTM uses TCP port 32015 and UDP port 4500 for establishing VPN connections.
One of the WANs connected to Router A is non-NATd (212.1.1.1). The rest of the WANs connected to Router A and all WANs connected to Router B are NATd. In this case, the Peer IP Addresses / Host Names field for Router B should be filled with all of Router As hostnames or public IP addresses (i.e., 212.1.1.1, 212.2.2.2, and 212.3.3.3), and the field in Router A can be left blank.
headquarters or to other branches. Data, voice, and video communications between these locations are kept safe and confidential across the public Internet. IPsec VPN on Pepwave routers is specially designed for multi-WAN environments. For instance, if a user sets up multiple IPsec profiles for a multi-WAN environment and WAN1 is connected and healthy, IPsec traffic will go through this link. However, should unforeseen problems (e.g.
IPsec VPN Settings https://www.peplink.
Name This field is for specifying a local name to represent this connection profile. Active When this box is checked, this IPsec VPN connection profile will be enabled. Otherwise, it will be disabled. Connect Upon Check this box and select a WAN to connect to this VPN automatically when the Disconnection specified WAN is disconnected. of Remote Gateway IP Enter the remote peers public IP address. For Aggressive Mode, this is optional. Address / Host Name Enter the local LAN subnets here.
This defines the peer authentication pre-shared key used to authenticate this VPN Pre-shared Key connection. The connection will be up only if the pre-shared keys on each side match. Remote Available only when X.509 Certificate is chosen as the Authentication method, Certificate (pem this field allows you to paste a valid X.509 certificate. encoded) Local ID In Main Mode, this field can be left blank.
WAN Connection Priority WAN Connection Select the appropriate WAN connection from the drop-down menu. 15 Outbound Policy Management Pepwave routers can flexibly manage and load balance outbound traffic among WAN connections. Important Note Outbound policy is applied only when more than one WAN connection is active. The settings for managing and load balancing outbound traffic are Advanced>Outbound Policy or Advanced>PepVPN, depending on the model. located at 15.
There are three main selections for the outbound traffic policy: High Application Compatibility Normal Application Compatibility Custom Note that some Pepwave routers provide only the Send All Traffic To setting here. See Section 12.1 for details. Outbound Policy Settings Outbound traffic from a source LAN device is routed through the same WAN High Application connection regardless of the destination Internet IP address and protocol. This Compatibility option provides the highest application compatibility.
http://youtu.be/rKH4AS_bQnE 15.2 Custom Rules for Outbound Policy Click in the Outbound Policy form. Choose Custom and press the Save button. 15.2.1 Algorithm: Weighted Balance This setting specifies the ratio of WAN connection usage to be applied on the specified IP protocol and port. This setting is applicable only when Algorithm is set to Weighted Balance. https://www.peplink.
The amount of matching traffic that is distributed to a WAN connection is proportional to the weight of the WAN connection relative to the total weight. Use the sliders to change each WANs weight. For example, with the following weight settings: Ethernet WAN1: 10 Ethernet WAN2: 10 Wi-Fi WAN: 10 Cellular 1: 10 Cellular 2: 10 USB: 10 Total weight is 60 = (10 +10 + 10 + 10 + 10 + 10). Matching traffic distributed to Ethernet WAN1 is 16.7% = (10 / 60 x 100%. Matching traffic distributed to Ethernet WAN2 is 16.
is that an IP address change during a session may be the result of an unauthorized intrusion attempt. Therefore, to prevent damages from the potential intrusion, the session is terminated upon the detection of an IP address change. Pepwave routers can be configured to distribute data traffic across multiple WAN connections. Also, the Internet IP depends on the WAN connections over which communication actually takes place.
Matching traffic will be routed through the specified WAN connection, regardless of the health check status of the WAN connection. Starting from Firmware 5.2, outbound traffic can be enforced to go through a specified SpeedFusionTM connection. 15.2.4 Algorithm: Priority This setting specifies the priority of the WAN connections used to route the specified network service. The highest priority WAN connection available will always be used for routing the specified type of traffic.
Drag and drop to specify the order of WAN connections to be used for routing traffic. Only the highest priority healthy connection that is not in full load will be used. 15.2.6 Algorithm: Least Used The traffic matching this rule will be routed through the healthy WAN connection that is selected in Connection and has the most available download bandwidth.
A latency sensitive application must be routed through the lowest latency WAN, regardless of the WANs available bandwidth. 15.2.8 Expert Mode Expert Mode is available on some Pepwave routers for use by advanced users. To enable the feature, click on the help icon and click turn on Expert Mode In Expert Mode, a new special rule, SpeedFusionTM Routes, is displayed in the Custom Rules table. This rule represents all SpeedFusionTM routes learned from remote VPN peers.
Port Forwarding Settings Enable This setting specifies whether the inbound service takes effect. When Enable is checked, the inbound service takes effect: traffic is matched and actions are taken by the Pepwave router based on the other parameters of the rule. When this setting is disabled, the inbound service does not take effect: the Pepwave router disregards the other parameters of the rule. Service Name This setting identifies the service to the system administrator.
The Port setting specifies the port(s) that correspond to the service, and can be configured to behave in one of the following manners: Any Port, Single Port, Port Range, Port Map, and Range Mapping Any Port: all traffic that is received by the Pepwave router via the specified protocol is forwarded to the servers specified by the Servers setting. For example, with IP Protocol set to TCP, and Port set to Any Port, all TCP traffic is forwarded to the configured servers.
When a computer creates a rule using these protocols, the specified TCP/UDP port of all WAN connections' default IP address will be forwarded. Check the corresponding box(es) to enable UPnP and/or NAT-PMP. Enable these features only if you trust the computers connected to the LAN ports. When the options are enabled, a table listing all the forwarded ports under these two protocols can be found at Status>UPnP / NAT-PMP.