Vpn Telecommuter: Dual Gateway Wan Ports For Improved Reliability - NETGEAR FVX538 - ProSafe VPN Firewall 200 Router Reference Manual

Vpn firewall

Hide thumbs Also See for FVX538 - ProSafe VPN Firewall 200 Router:

Reference manual (222 pages)

Reference manual (240 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

Table of Contents

VPN Telecommuter: Dual Gateway WAN Ports for Improved Reliability

In the case of the dual WAN ports on the gateway VPN firewall

client initiates the VPN tunnel with the active gateway WAN port (port WAN1 in this example)

because the IP address of the remote NAT router is not known in advance. The gateway WAN port

must act as the responder.

Telecommuter Example

10.5.6.0/24

(Dual WAN Ports, Before Rollover)

Gateway A

LAN IP

10.5.6.1

VPN Router

(at employer's

main office)

Figure 3-17: Dual gateway WAN ports, before rollover, for VPN telecommuter

The IP addresses of the gateway WAN ports can be either fixed or dynamic, but a fully-qualified

domain name must always be used because the active WAN port could be either WAN1 or WAN2

(i.e., the IP address of the active WAN port is not known in advance).

After a rollover of the gateway WAN port

port becomes the active port (port WAN2 in this example) and the remote PC must re-establish the

VPN tunnel. The gateway WAN port must act as the responder.

Telecommuter Example

10.5.6.0/24

(Dual WAN Ports, After Rollover)

Gateway A

LAN IP

10.5.6.1

VPN Router

(at employer's

main office)

Figure 3-18: Dual gateway WAN ports, after rollover, for VPN telecommuter

Network Planning

Reference Manual for the ProSafe VPN Firewall 200 FVX538

WAN1 IP

bzrouter1.dyndns.org

WAN2 port inactive

WAN2 IP (N/A)

Fully-Qualified Domain Names (FQDN)

- required for Fixed IP addresses

- required for Dynamic IP addresses

(Figure

3-18), the previously inactive gateway WAN

WAN1 IP (N/A)

WAN1 port inactive

bzrouter2.dyndns.org

WAN2 IP

Fully-Qualified Domain Names (FQDN)

- required for Fixed IP addresses

- required for Dynamic IP addresses

Remote PC must re-establish VPN tunnel after a rollover

January 2005

(Figure

3-17), the remote PC

NAT Router B

WAN IP

0.0.0.0

NAT Router

(at telecommuter's

home office)

NAT Router B

WAN IP

0.0.0.0

NAT Router

(at telecommuter's

home office)

Client B

Remote PC

(running NETGEAR

ProSafe VPN Client)

Client B

Remote PC

(running NETGEAR

ProSafe VPN Client)

3-13

Table of Contents

Troubleshooting

This manual is also suitable for:

Prosafe fvx538

Vpn Telecommuter: Dual Gateway Wan Ports For Improved Reliability - NETGEAR FVX538 - ProSafe VPN Firewall 200 Router Reference Manual

VPN Telecommuter: Dual Gateway WAN Ports for Improved Reliability

Troubleshooting

Related Manuals for NETGEAR FVX538 - ProSafe VPN Firewall 200 Router

Related Content for NETGEAR FVX538 - ProSafe VPN Firewall 200 Router

This manual is also suitable for:

Table of Contents