ProSecure Unified Threat Management (UTM) Appliance

The IP address of the gateway WAN port can be either fixed or dynamic. If the IP address is dynamic, you need to use an FQDN. If the IP address is fixed, an FQDN is optional.

VPN Telecommuter: Dual-Gateway WAN Ports for Improved Reliability

In a dual WAN port auto-rollover gateway configuration, the remote VPN client initiates the VPN tunnel with the active gateway WAN port (port WAN1 in the following figure) because the IP address of the remote NAT router is not known in advance. The gateway WAN port needs to function as the responder.

Figure 375.

The IP addresses of the gateway WAN ports can be either fixed or dynamic, but you always need to use an FQDN because the active WAN port could be either WAN1 or WAN2 (that is, the IP address of the active WAN port is not known in advance).

After a rollover of the WAN port has occurred, the previously inactive gateway WAN port becomes the active port (port WAN2 in the following figure), and the remote VPN needs to reestablish the VPN tunnel. The gateway WAN port needs to function as the responder.

Figure 376.

The purpose of the FQDN is to toggle the domain name of the gateway between the IP addresses of the active WAN port that is, WAN1 and WAN2) so that the remote VPN client can determine the gateway IP address to establish or reestablish a VPN tunnel.

Network Planning for Dual WAN Ports (Multiple WAN Port Models Only)

636

Page 636
Image 636
NETGEAR UTM5EW-100NAS, STM150EW-100NAS manual 636