Network Planning for Multiple WAN Ports
318
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Figure 192.
The purpose of the FQDN in this case is to toggle the domain name of the gateway firewall
between the IP addresses of the active WAN port (that is, WAN1 and WAN2) so that the
remote computer client can determine the gateway IP address to establish or reestablish a
VPN tunnel.
VPN Road Warrior: Dual Gateway WAN Ports for Load Balancing
In a gateway configuration with dual WAN ports that function in load balancing mode, the
remote computer initiates the VPN tunnel with the appropriate gateway WAN port (that is,
port WAN1 or WAN2 as necessary to balance the loads of the two gateway WAN ports)
because the IP address of the active WAN port is not known in advance. The selected
gateway WAN port needs to act as the responder.
Figure 193.
The IP addresses of the gateway WAN ports can be either fixed or dynamic. If an IP address
is dynamic, you need to use an FQDN. If an IP address is fixed, an FQDN is optional.
VPN Gateway-to-Gateway
The following situations exemplify the requirements for a gateway VPN firewall such as an
VPN firewall to establish a VPN tunnel with another gateway VPN firewall:
• Single-gateway WAN ports
To Next Page
Loading...
