ProSecure Unified Threat Management (UTM) Appliance

Static Route Example

In this example, we assume the following:

The UTM’s primary Internet access is through a cable modem to an ISP.

The UTM is on a local LAN with IP address 192.168.1.100.

The UTM connects to a remote network where you need to access a device.

The LAN IP address of the remote network is 134.177.0.0.

When you first configured the UTM, two implicit static routes were created:

A default static route was created with your ISP as the gateway.

A second static route was created to the local LAN for all 192.168.1.x addresses.

With this configuration, if you attempt to access a device on the 134.177.0.0 remote network, the UTM forwards your request to the ISP. In turn, the ISP forwards your request to the remote network, where the request is likely to be denied by the remote network’s firewall.

In this case, you need to define a static route, informing the UTM that the 134.177.0.0 IP address should be accessed through the local LAN IP address (192.168.1.100).

The static route on the UTM needs to be defined as follows:

The destination IP address and IP subnet mask need to specify that the static route applies to all 134.177.x.x IP addresses.

The gateway IP address needs to specify that all traffic for the 134.177.x.x IP addresses should be forwarded to the local LAN IP address (192.168.1.100).

A metric value of 1 should work since the UTM is on the local LAN.

The static route can be made private only as a precautionary security measure in case RIP is activated.

LAN Configuration

126

Page 126
Image 126
NETGEAR UTM5EW-100NAS, STM150EW-100NAS manual Static Route Example, 126