ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
The WAN Mode screen allows you to configure how the VPN firewalll uses the external Internet connection. This screen gives you two choices for accessing the external Internet connection.
•Network Address Translation (NAT). This technique allows several computers on a LAN to share the same Internet connection (IP address) while using private IP address on the LAN, which are hidden from the Internet.
•Classical Routing. This method allows the VPN firewall to perform the routing, but requires separate valid static Internet IP address for each PC on your LAN.
Network Address Translation
Network Address Translation (NAT) allows all PCs on your LAN to share a single public Internet IP address. From the Internet, there is only a single device (the VPN firewall) and a single IP address. PCs on your LAN can use any private IP address range, and these IP addresses are not visible from the Internet.
•The VPN firewall uses NAT to select the correct PC (on your LAN) to receive any incoming data.
•If you only have a single public Internet IP address, you MUST use NAT. (the default setting).
•If your ISP has provided you with multiple public IP addresses, you can use one address as the primary shared address for Internet access by your PCs, and you can map incoming traffic on the other public IP addresses to specific PCs on your LAN. This
Classical Routing
In classical routing mode, the VPN firewall performs routing, but without NAT. To gain Internet access, each PC on your LAN must have a valid static Internet IP address.
If your ISP has allocated a number of static IP addresses to you, and you have assigned one of these addresses to each PC, you can choose classical routing. Or, you can use classical routing for routing private IP addresses within a campus environment.
To learn the status of the WAN port, you can view the Router Status screen (see “Viewing the VPN Firewall Configuration and System Status” on page
Connecting the VPN Firewall to the Internet |
