Netgear FVS336G-100NAS Reference Manual - Page 39
Network Address Translation, Classical Routing, WAN Failure Detection Method, Load Balancing Mode
View all Netgear FVS336G-100NAS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 39 highlights
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual If you want to use a redundant ISP link for backup purposes, select the WAN port that will act as the primary link for this mode. Ensure that the backup WAN port has also been configured and that you configure the WAN Failure Detection Method to support Auto-Rollover. • Load Balancing Mode. The VPN firewall distributes the outbound traffic equally among the WAN interfaces that are functional. Note: Scenarios could arise when load balancing needs to be bypassed for certain traffic or applications. If certain traffic needs to travel on a specific WAN interface, configure protocol binding rules for that WAN interface. The rule should match the desired traffic. • Single WAN Port Mode. The selected WAN interface is made primary and the other is disabled. For whichever WAN mode you choose, you must also choose either NAT or classical routing, as explained in the following sections. Network Address Translation Network Address Translation (NAT) allows all PCs on your LAN to share a single public Internet IP address. From the Internet, there is only a single device (the VPN firewall) and a single IP address. PCs on your LAN can use any private IP address range, and these IP addresses are not visible from the Internet. • The VPN firewall uses NAT to select the correct PC (on your LAN) to receive any incoming data. • If you only have a single public Internet IP address, you MUST use NAT. (the default setting). • If your ISP has provided you with multiple public IP addresses, you can use one address as the primary shared address for Internet access by your PCs, and you can map incoming traffic on the other public IP addresses to specific PCs on your LAN. This one-to-one inbound mapping is configured using an inbound firewall rule. Classical Routing In classical routing mode, the VPN firewall performs routing, but without NAT. To gain Internet access, each PC on your LAN must have a valid static Internet IP address. If your ISP has allocated a number of static IP addresses to you, and you have assigned one of these addresses to each PC, you can choose classical routing. Or, you can use classical routing for routing private IP addresses within a campus environment. Connecting the FVS336G to the Internet v1.0, October 2007 2-13