IPv4 and IPv6 Internet and WAN Settings
46
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Note: The default time to roll over after the primary WAN interface fails is
2
minutes. The minimum test period is 30 seconds, and the
minimum number of tests is 2.
5. Click Apply to save your settings.
You can configure the VPN firewall to generate a WAN status log and email this log to a
spe
cified address (see Configure Logging, Alerts, and Event Notifications on page 353).
Configure Secondary WAN Addresses
You can set up a single WAN Ethernet port to be accessed through multiple IPv4 addresses
by adding aliases to the port. An alias is a secondary WAN address. One advantage is, for
example, that you can assign different virtual IP addresses to a web server and an FTP
server, even though both servers use the same physical IP address. You can add several
secondary IP addresses to a single WAN port.
Table 7. Failure detection method settings
Setting Description
Failure Detection
Method
Select a failure detection method from the drop-down list:
• WAN DNS. DNS queries are sent to the DNS server that is configured in the
Domain Name Server (DNS) Servers section of the WAN ISP screen (see Manually
Configure an IPv4 Internet Connection on
page 33).
• Custom DNS. DNS queries are sent to a DNS server that you need to specify in
the DNS Server fields.
• Ping. Ping
s are sent to a server with a public IP address that you need to specify
in the IP Address fields. The server should not reject the ping request and should
not consider ping traffic to be abusive.
Note: DNS queries or pings are sent through the WAN interface that
is being
monitored. The retry interval and number of failover attempts determine how quickly
the VPN firewall switches from the primary link to the backup link if the primary link
fails, or when the primary link comes back up, switches back from the backup link to
the primary link.
DNS Server The IP address of the DNS server.
IP Ad
dress The IP address of the ping server.
Retry Interval is The retry interval in seconds. The DNS query or ping is sent periodically after every
test period. The default test period is 30 seconds.
Failover after The number of failover attempts. The primary WAN interface is considered down after
the specified number of queries have failed to elicit a reply. The backup interface is
brought up after this situation has occurred. The failover default is 4 failures.