ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual
5-2 Virtual Private Networking Using IPsec Connections
v1.0, April 2010
The following diagrams and table show how the WAN mode selection relates to VPN
configuration.
Table 5-1 summarizes the WAN addressing requirements (FQDN or IP address) for a VPN tunnel
in either dual WAN mode.
Figure 5-1
Figure 5-2
Table 5-1. IP Addressing for VPNs in Dual WAN Port Systems
Configuration and WAN IP address Rollover Mode
a
a. All tunnels must be r-established after a rollover using the new WAN IP address.
Load Balancing Mode
VPN “Road Warrior”
(client-to-gateway)
Fixed FQDN required FQDN Allowed (optional)
Dynamic FQDN required FQDN required
VPN “Gateway-to-Gateway” Fixed FQDN required FQDN Allowed (optional)
Dynamic FQDN required FQDN required
VPN “Telecommuter”
(client-to-gateway through a
NAT router)
Fixed FQDN required FQDN Allowed (optional)
Dynamic FQDN required FQDN required
Rest of
VPN Firewall
Functions
VPN Firewall
WAN Port
Functions
VPN Firewall
Rollover
Control
VPN Firewall
WAN 1 Port
WAN 2 Port
Internet
Same FQDN required for both WAN ports
WAN Auto-Rollover: FQDN Required for VPN
Rest of
VPN Firewall
Functions
VPN Firewall
WAN Port
Functions
Load
Balancing
Control
VPN Firewall
WAN 1 Port
WAN 2 Port
Internet
FQDN required for dynamic IP addresses
WAN Load Balancing: FQDN Optional for VPN
FQDN optional for static IP addresses
To Next Page
Loading...
