ProSecure Unified Threat Management (UTM) Appliance Reference Manual
Network Planning for Dual WAN Ports (Dual-WAN Port Models Only) B-15
v1.0, January 2010
After a rollover of a gateway WAN port, the previously inactive gateway WAN port becomes the
active port (port WAN_A2 in Figure B-15) and one of the gateways must re-establish the VPN
tunnel.
The purpose of the FQDNs is to toggle the domain name of the rolled-over gateway between the IP
addresses of the active WAN port (that is, WAN_A1 and WAN_A2 in Figure B-15) so that the
other end of the tunnel has a known gateway IP address to establish or re-establish a VPN tunnel.
VPN Gateway-to-Gateway: Dual Gateway WAN Ports for Load Balancing
In a configuration with two dual-WAN port VPN gateways that function in load balancing mode,
either of the gateway WAN ports at one end can be programmed in advance to initiate the VPN
tunnel with the appropriate gateway WAN port at the other end as necessary to manage the loads of
the gateway WAN ports because the IP addresses of the WAN ports are known in advance.
The IP addresses of the gateway WAN ports can be either fixed or dynamic. If an IP address is
dynamic, you must use a FQDN. If an IP address is fixed, an FQDN is optional.
Figure B-15
Figure B-16