NETGEAR UTM5-100NAS Network Hardware User Manual


 
ProSecure Unified Threat Management (UTM) Appliance Reference Manual
Manually Configuring Internet and WAN Settings 3-17
v1.0, January 2010
Configuring Secondary WAN Addresses
A single WAN Ethernet port can be accessed through multiple IP addresses by adding aliases to
the port. An alias is a secondary WAN address. One advantage is, for example, that you can assign
different virtual IP addresses to a Web server and FTP server, even though both servers use the
same physical IP address. You can add several secondary IP addresses to the WAN port of a single-
WAN port model or to WAN1 port and WAN2 port of a dual-WAN port model.
After you have configured secondary WAN addresses, these addresses are displayed on the
following firewall rule screens:
In the WAN Destination IP Address pull-down menus of the following inbound firewall rule
screens:
Add LAN WAN Inbound Service screen
Add DMZ WAN Inbound Service screen
In the NAT IP pull-down menus of the following outbound firewall rule screens:
Add LAN WAN Outbound Service screen
Add DMZ WAN Outbound Service screen
For more information about firewall rules, see “Using Rules to Block or Allow Specific Kinds of
Traffic” on page 5-3).
It is important that you ensure that any secondary WAN addresses are different from the
primary WAN, LAN, and DMZ IP addresses that are already configured on the UTM.
However, primary and secondary WAN addresses can be in the same subnet. The
following is an example of properly configured IP addresses on a dual-WAN port model:
Primary WAN1 IP address: 10.0.0.1 with subnet 255.0.0.0
Secondary WAN1 IP: 30.0.0.1 with subnet 255.0.0.0
Primary WAN2 IP address: 20.0.0.1 with subnet 255.0.0.0
Secondary WAN2 IP: 40.0.0.1 with subnet 255.0.0.0
DMZ IP address: 192.168.10.1 with subnet 255.255.255.0
Primary LAN IP address: 192.168.1.1 with subnet 255.255.255.0
Secondary LAN IP: 192.168.20.1 with subnet 255.255.255.0