Netgear SRX5308 SRX5308 Reference Manual - Page 329
Virtual Private Networks, B-6
UPC - 606449065145
View all Netgear SRX5308 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 329 highlights
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Note: Load balancing is implemented for outgoing traffic and not for incoming traffic. Consider making one of the WAN port Internet addresses public and keeping the other one private in order to maintain better control of WAN port traffic. Figure B-6 Virtual Private Networks When implementing virtual private network (VPN) tunnels, you must use a mechanism for determining the IP addresses of the tunnel endpoints. The addressing of the firewall's WAN ports in a dual WAN port auto-rollover or load balancing configuration depends on the configuration being implemented. Table B-2. IP Addressing Requirements for VPNs in a Dual WAN Port Configuration Configuration and WAN IP address Single WAN Port Dual WAN Port Configurations Configurations (Reference Cases) Rollover Modea Load Balancing Mode "VPN Road Warrior (Client- Fixed to-Gateway)" Allowed (FQDN optional) Dynamic FQDN required "VPN Gateway-to-Gateway" Fixed Allowed (FQDN optional) Dynamic FQDN required "VPN Telecommuter (Client- Fixed to-Gateway through a NAT Router)" Dynamic Allowed (FQDN optional) FQDN required FQDN required FQDN required FQDN required FQDN required FQDN required FQDN required Allowed (FQDN optional) FQDN required Allowed (FQDN optional) FQDN required Allowed (FQDN optional) FQDN required a. All tunnels must be reestablished after a rollover using the new WAN IP address. Network Planning for Multiple WAN Ports B-9 v1.0, April 2010