ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
Network Planning for Dual WAN Ports (UTM25 Only) B-17
v1.0, September 2009
VPN Telecommuter: Dual Gateway WAN Ports for Improved Reliability
In a dual-WAN port auto-rollover gateway configuration, the remote PC client initiates the VPN
tunnel with the active gateway WAN port (port WAN1 in Figure B-18) because the IP address of
the remote NAT router is not known in advance. The gateway WAN port must act as the responder .
The IP addresses of the gateway WAN ports can be either fixed or dynamic, but you must always
use a FQDN because the active WAN port could be either WAN1 or WAN2 (that is, the IP address
of the active WAN port is not known in advance).
After a rollover of the WAN port has occurred, the previously inactive gateway WAN port
becomes the active port (port WAN2 in FigureB-19) and the remote PC must re-establish the VPN
tunnel. The gateway WAN port must act as the responder.
Figure B-18
Figure B-19