Use Qos And Bandwidth Assignment To Shift The Traffic Mix - NETGEAR ProSafe SRX5308 Reference Manual

Gigabit quad wan ssl vpn firewall

Hide thumbs Also See for ProSafe SRX5308:

Reference manual (469 pages)

Cli reference manual (328 pages)

Datasheet (3 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

Table of Contents

ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308

request rather than a response to a requests from the LAN network. As such, it would be

handled in accordance with the inbound port forwarding rules, and most likely would be

blocked.

For the procedure on how to configure port triggering, see

page 130.

DMZ Port

The demilitarized zone (DMZ) is a network that, by default, has fewer firewall restrictions

when compared to the LAN. The DMZ can be used to host servers (such as a web server,

FTP server, or email server) and provide public access to them. The fourth LAN port on the

VPN firewall (the rightmost LAN port) can be dedicated as a hardware DMZ port to safely

provide services to the Internet without compromising security on your LAN. By default, the

DMZ port and both inbound and outbound DMZ traffic are disabled. Enabling the DMZ port

and allowing traffic to and from the DMZ increases the traffic through the WAN ports.

For information about how to enable the DMZ port, see

on page 72. For the procedures on how to configure DMZ traffic rules, see

Rules

on page 95.

Exposed Hosts

Specifying an exposed host allows you to set up a computer or server that is available to

anyone on the Internet for services that you have not yet defined. For an example of how to

set up an exposed host, see

Host

on page 104.

VPN Tunnels

The VPN firewall supports up to 125 site-to-site IPSec VPN tunnels and up to 50 dedicated

SSL VPN tunnels. Each tunnel requires extensive processing for encryption and

authentication, thereby increasing traffic through the WAN ports.

For information about IPSec VPN tunnels, see

IPSec

Connections. For information about SSL VPN tunnels, see

Networking Using SSL