ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
2-10 Connecting the VPN Firewall to the Internet
v1.1, August 2010
The WAN Mode screen allows you to configure how the VPN firewalll uses the external Internet
connection. This screen gives you two choices for accessing the external Internet connection.
• Network Address Translation (NAT). This technique allows several computers on a LAN to
share the same Internet connection (IP address) while using private IP address on the LAN,
which are hidden from the Internet.
• Classical Routing. This method allows the VPN firewall to perform the routing, but requires
separate valid static Internet IP address for each PC on your LAN.
Network Address Translation
Network Address Translation (NAT) allows all PCs on your LAN to share a single public Internet
IP address. From the Internet, there is only a single device (the VPN firewall) and a single IP
address. PCs on your LAN can use any private IP address range, and these IP addresses are not
visible from the Internet.
• The VPN firewall uses NAT to select the correct PC (on your LAN) to receive any incoming
data.
• If you only have a single public Internet IP address, you MUST use NAT. (the default setting).
• If your ISP has provided you with multiple public IP addresses, you can use one address as the
primary shared address for Internet access by your PCs, and you can map incoming traffic on
the other public IP addresses to specific PCs on your LAN. This one-to-one inbound mapping
is configured using an inbound firewall rule.
Classical Routing
In classical routing mode, the VPN firewall performs routing, but without NAT. To gain Internet
access, each PC on your LAN must have a valid static Internet IP address.
If your ISP has allocated a number of static IP addresses to you, and you have assigned one of
these addresses to each PC, you can choose classical routing. Or, you can use classical routing for
routing private IP addresses within a campus environment.
To learn the status of the WAN port, you can view the Router Status screen (see “Viewing the
VPN Firewall Configuration and System Status” on page 6-30) or look at the LEDs on the front
panel (see “VPN Firewall Front and Rear Panels” on page 1-6).