User's Manual
Pepwave MAX and Surf User Manual
http://www.pepwave.com
74
Copyright @ 2015 Pepwave
sure to enter a unique peer ID number in the Remote ID field.
Remote ID /
Pre-shared Key
This optional field becomes available when Remote ID /Pre-shared Key is selected as the
Peplink Balance’s VPN Authentication method, as explained above. Pre-shared Key
defines the pre-shared key used for this particular VPN connection. While the Remote ID is
mandatory for authentication, the Pre-shared Key is optional; providing an extra layer of
security.
The connection will be up only if the pre-shared keys on each side match. When the peer is
running firmware 5.0+, this setting will be ignored. Pre-shared keys can be up to 63
characters in length,
Enter Remote IDs either by typing out each Remote ID and Pre-shared Key, or by pasting a
CSV. If you wish to paste your credentials from an existing CSV file, click the icon next
to the “Remote ID / Preshared Key” setting.
Remote
ID/Remote
Certificate
These optional fields become available when X.509 is selected as the Peplink Balance’s
VPN authentication method, as explained above. To authenticate VPN connections using
X.509 certificates, copy and paste certificate details into these fields. To get more
information on a listed X.509 certificate, click the Show Details link below the field.
Allow Shared
Remote ID
When this option is enabled, the router will allow multiple peers to run using the same
remote ID.
NAT Mode
When NAT Mode is enabled, all remote traffic over the VPN will be tagged with the IP
address assigned by the DHCP server.
This prevents address conflicts when multiple remote sites are on the same LAN subnet.
Remote IP
Address / Host
Names
(Optional)
If NAT Mode is not enabled, you can enter a remote peer’s WAN IP address or
hostname(s) here. If the remote uses more than one address, enter only one of them here.
Multiple hostnames are allowed and can be separated by a space character or carriage
return. Dynamic-DNS host names are also accepted.
This field is optional. With this field filled, the Peplink Balance will initiate connection to each
of the remote IP addresses until it succeeds in making a connection. If the field is empty,
the Peplink Balance will wait for connection from the remote peer. Therefore, at least one of
the two VPN peers must specify this value. Otherwise, VPN connections cannot be
established.
Data Port
This field is used to specify a UDP port number for transporting outgoing VPN data. If
Default is selected, UDP port 4500 will be used. Port 32015 will be used if the remote unit
uses Firmware prior to version 5.4 or if port 4500 is unavailable.
If Custom is selected, enter an outgoing port number from 1 to 65535. This is useful for
situations where UDP ports 4500 and 32015 are blocked.
Port numbers do not need to be the same on both ends of the VPN tunnel.
Bandwidth
Limit
Define maximum download and upload speed to each individual peer. This functionality
requiresthe peer to use PepVPN version 4.0.0 or above.
WAN
Select the degreeto which WAN Smoothing will be implemented across your WAN links.