NETGEAR UTM5-100NAS Network Hardware User Manual


 
ProSecure Unified Threat Management (UTM) Appliance Reference Manual
Network Planning for Dual WAN Ports (Dual-WAN Port Models Only) B-9
v1.0, January 2010
Virtual Private Networks (VPNs)
When implementing virtual private network (VPN) tunnels, a mechanism must be used for
determining the IP addresses of the tunnel end points. The addressing of the firewall’s dual WAN
port depends on the configuration being implemented:
Figure B-6
Table B-2. IP addressing requirements for VPNs in dual WAN port systems
Configuration and WAN IP address
Single WAN Port
Configurations
(Reference Cases)
Dual WAN Port Configurations
Rollover Mode
a
a. All tunnels must be re-established after a rollover using the new WAN IP address.
Load Balancing Mode
“VPN Road Warrior (Client-
to-Gateway)
Fixed Allowed
(FQDN optional)
FQDN required Allowed
(FQDN optional)
Dynamic FQDN required FQDN required FQDN required
“VPN Gateway-to-Gateway Fixed Allowed
(FQDN optional)
FQDN required Allowed
(FQDN optional)
Dynamic FQDN required FQDN required FQDN required
“VPN Telecommuter (Client-
to-Gateway Through a NAT
Router)
Fixed Allowed
(FQDN optional)
FQDN required Allowed
(FQDN optional)
Dynamic FQDN required FQDN required FQDN required