ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
B-6
Network Planning for Dual WAN Ports (UTM25 Only)
v1.0, September 2009
These various types of traffic and auto-rollover or load balancing all interact to make the planning
process more challenging:
•
Inbound Traffic
. Unrequested incoming traffic can be directed to a PC on your LAN rather
than being discarded. The mechanism for making the IP address public depends on whether
the dual WAN ports are configured for auto-rollover or load balancing.
•
Virtual Private Networks
. A virtual private network (VPN) tunnel provides a secure
communication channel between either two gateway VPN firewalls or between a remote PC
client and gateway VPN firewall. As a result, the IP address of at least one of the tunnel
endpoints must be known in advance in order for the other tunnel end point to establish (or re-
establish) the VPN tunnel.
•
Dual WAN Ports in Auto-Rollover Mode
. Rollover for an UTM with dual WAN ports is
different from a single-WAN port gateway configuration when you specify the IP address.
Only one WAN port is active at a time and when it rolls over, the IP address of the active WAN
port always changes. Therefore, the use of a fully qualified domain name (FQDN) is always
required, even when the IP address of each WAN port is fixed.
Features such as multiple exposed hosts are not supported in auto-rollover mode because the
IP addresses of each WAN port must be in the identical range of fixed addresses.
Note:
When the UTM’s WAN port rolls over, the VPN tunnel collapses and must be
re-established using the new WAN IP address. However, you can configure
automatic IPsec VPN rollover to ensure that an IPsec VPN tunnel is re-
established.
Figure B-2
Содержание UTM10 - ProSecure Unified Threat Management Appliance
Страница 6: ...v1 0 September 2009 vi...
Страница 16: ...ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual xvi v1 0 September 2009...
Страница 114: ...ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 4 28 LAN Configuration v1 0 September 2009...
Страница 464: ...ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual E 2 Related Documents v1 0 September 2009...