The Fail-Over Case For Routers With Dual Wan Ports; Single Or Multiple Exposed Hosts - NETGEAR ProSafe FVS338 Reference Manual

Vpn firewall 50

Hide thumbs Also See for ProSafe FVS338:

Reference manual (200 pages)

Application note (5 pages)

Installation manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

Table of Contents

Reference Manual for the ProSafe VPN Firewall 50 FVS338

Note: Once the gateway router WAN port fails over, the VPN tunnel collapses and must

be re-established using the new WAN IP address.

The Fail-over Case for Routers With Dual WAN Ports

Failover

(Figure

3-1) for the dual WAN port case is different from the single gateway WAN port

case when specifying the IP address. Only one WAN port is active at a time and when it fails over,

the IP address of the active WAN port always changes. Hence, the use of a fully-qualified domain

name is always required, even when the IP address of each WAN port is fixed.

Dual WAN Ports (Before Failover)

Router

WAN1 port active

WAN2 port inactive

IP address of active WAN port changes after a failover:

o use of fully-qualified domain names always required

o features requiring fixed IP address blocks not supported

Figure 3-1: Dual WAN ports before and after failover

Features such as multiple exposed hosts are not supported in general when using dual WAN port

failover because the IP addresses of each WAN port must be in the identical range of fixed

addresses.

Note: In certain locales, an ISP has been able to provision the same IP address for the

broadband and PSTN service so that the failover to a serial connection would be as

seamless as possible.

Single or Multiple Exposed Hosts

Incoming traffic from the Internet is normally discarded by the firewall unless the traffic is a

response to one of your local computers or a service that you have configured in the Incoming

Rules menu. Instead of discarding this traffic, you can have it forwarded to one or more LAN hosts

on your network. These LAN hosts are called exposed hosts. The addressing of the router's dual

WAN port depends on the configuration being implemented:

3-2

WAN1 IP

PSTN

WAN2 IP (N/A)

January 2005

Dual WAN Ports (After Failover)

WAN1 IP (N/A)

Router

WAN1 port inactive

PSTN

WAN2 port active

WAN2 IP

Network Planning

Table of Contents

The Fail-Over Case For Routers With Dual Wan Ports; Single Or Multiple Exposed Hosts - NETGEAR ProSafe FVS338 Reference Manual

The Fail-over Case for Routers With Dual WAN Ports

Single or Multiple Exposed Hosts

Troubleshooting

Related Manuals for NETGEAR ProSafe FVS338

Related Content for NETGEAR ProSafe FVS338

Table of Contents