Network Planning for Multiple WAN Ports
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Figure 199.
The IP addresses of the gateway WAN ports can be either fixed or dynamic, but you always
need to use an FQDN because the active WAN port could be either WAN1 or WAN2 (that is,
the IP address of the active WAN port is not known in advance).
After a rollover of the WAN port has occurred, the previously inactive gateway WAN port
becomes the active port (port WAN2 in the following figure), and the remote computer needs
to reestablish the VPN tunnel. The gateway WAN port needs to act as the responder.
Figure 200.
The purpose of the FQDN is to toggle the domain name of the gateway between the IP
addresses of the active WAN port (that is, WAN1 and WAN2) so that the remote computer
client can determine the gateway IP address to establish or reestablish a VPN tunnel.
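How a remote client could follow the gateway FQDN across a rollover, shown as an added example that is not taken from the NETGEAR manual. The host name gw.example.net, the addresses (documentation ranges) and the GatewayTracker helper are constructed for illustration, and the optional address pin assumes that WAN1 and WAN2 have fixed addresses.

```python
import socket
from dataclasses import dataclass
from typing import Callable, FrozenSet, Optional, Set, Tuple

def resolve_ipv4(fqdn: str) -> Set[str]:
    """Return the IPv4 addresses the gateway FQDN resolves to right now."""
    infos = socket.getaddrinfo(fqdn, None, socket.AF_INET, socket.SOCK_DGRAM)
    return {info[4][0] for info in infos}

@dataclass
class GatewayTracker:  # hypothetical helper, not a NETGEAR API
    fqdn: str
    # Optional pin: only usable when WAN1 and WAN2 have fixed addresses.
    known_wan_ips: FrozenSet[str] = frozenset()
    resolver: Callable[[str], Set[str]] = resolve_ipv4
    current: Optional[str] = None  # address the tunnel was last built to

    def poll(self) -> Tuple[str, Optional[str]]:
        """Decide what the client should do after one DNS lookup."""
        try:
            addrs = self.resolver(self.fqdn)
        except OSError:  # lookup failed: keep the tunnel state unchanged
            return ("unresolved", self.current)
        if not addrs:
            return ("unresolved", self.current)
        if self.current in addrs:  # FQDN still points at the active port
            return ("keep", self.current)
        candidate = sorted(addrs)[0]
        if self.known_wan_ips and candidate not in self.known_wan_ips:
            # FQDN moved to an address that is neither WAN port: do not
            # send IKE to it; surface it for investigation instead.
            return ("reject", candidate)
        action = "connect" if self.current is None else "reconnect"
        self.current = candidate  # rollover: client initiates, gateway responds
        return (action, candidate)

def demo():
    # Constructed DNS answers: WAN1 active twice, rollover to WAN2, then a
    # record pointing somewhere unexpected.
    answers = iter([{"192.0.2.10"}, {"192.0.2.10"},
                    {"198.51.100.20"}, {"203.0.113.99"}])
    tracker = GatewayTracker("gw.example.net",
                             frozenset({"192.0.2.10", "198.51.100.20"}),
                             resolver=lambda _fqdn: next(answers))
    return [tracker.poll() for _ in range(4)]

if __name__ == "__main__":
    for step in demo():
        print(step)
```

With dynamic WAN addresses the pin cannot be used, so the client then depends on the VPN peer authentication rather than on the DNS answer to confirm it reached the gateway.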
VPN Telecommuter: Dual Gateway WAN Ports for Load Balancing
In a gateway configuration with dual WAN ports that function in load balancing mode, the
remote computer client initiates the VPN tunnel with the appropriate gateway WAN port (that
is, port WAN1 or WAN2 as necessary to balance the loads of the two gateway WAN ports)
because the IP address of the remote NAT router is not known in advance. The selected
gateway WAN port needs to act as the responder.