Netgear SRX5308 SRX5308 Reference Manual - Page 327
Inbound Traffic, Inbound Traffic to a Single WAN Port System
UPC - 606449065145
View all Netgear SRX5308 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 327 highlights
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual • Dual WAN ports in load balancing mode. Load balancing for a VPN firewall with dual WAN ports is similar to a single WAN gateway configuration when you specify the IP address. Each IP address is either fixed or dynamic based on the ISP: You must use FQDNs when the IP address is dynamic, but FQDNs are optional when the IP address is static. Figure B-3 Inbound Traffic Incoming traffic from the Internet is normally discarded by the VPN firewall unless the traffic is a response to one of your local computers or a service for which you have configured an inbound rule. Instead of discarding this traffic, you can configure the VPN firewall to forward it to one or more LAN hosts on your network. The addressing of the VPN firewall's dual WAN port depends on the configuration being implemented. Table B-1. IP Addressing Requirements for Exposed Hosts in a Dual WAN Port Configuration Configuration and WAN IP address Single WAN Port (Reference Case) Inbound traffic • Port forwarding • Port triggering Fixed Dynamic Allowed (FQDN optional) FQDN required Dual WAN Port Cases Rollover FQDN required FQDN required Load Balancing Allowed (FQDN optional) FQDN required Inbound Traffic to a Single WAN Port System The Internet IP address of the VPN firewall's WAN port must be known to the public so that the public can send incoming traffic to the exposed host when this feature is supported and enabled. Network Planning for Multiple WAN Ports B-7 v1.0, April 2010