Netgear FVX538NA 사용자 설명서
ProSafe VPN Firewall 200 FVX538 Reference Manual
C-14
Network Planning for Dual WAN Ports
v1.0, August 2006
The IP addresses of the gateway WAN ports can be either fixed or dynamic. If an IP address is
dynamic, a fully-qualified domain name must be used. If an IP address is fixed, a fully-qualified
domain name is optional.
dynamic, a fully-qualified domain name must be used. If an IP address is fixed, a fully-qualified
domain name is optional.
VPN Gateway-to-Gateway
The following situations exemplify the requirements for a gateway VPN firewall to establish a
VPN tunnel with another gateway VPN firewall:
VPN tunnel with another gateway VPN firewall:
•
Single gateway WAN ports
•
Redundant dual gateway WAN ports for increased reliability (before and after rollover)
•
Dual gateway WAN ports used for load balancing
VPN Gateway-to-Gateway: Single Gateway WAN Ports (Reference Case)
In the case of single WAN ports on the gateway VPN firewalls (
), either gateway
WAN port can initiate the VPN tunnel with the other gateway WAN port because the IP addresses
are known in advance.
are known in advance.
Figure C-12
Gateway A
bzrouter1.dyndns.org
10.5.6.0/24
10.5.6.1
WAN1 IP
WAN IP
LAN IP
Client B
0.0.0.0
VPN Router
(at employer's
main office)
(at employer's
main office)
Road Warrior Example
(Dual WAN Ports, Load Balancing)
Remote PC
(running NETGEAR
ProSafe VPN Client)
(running NETGEAR
ProSafe VPN Client)
Fully-Qualified Domain Names (FQDN)
- optional for Fixed IP addresses
- required for Dynamic IP addresses
- optional for Fixed IP addresses
- required for Dynamic IP addresses
bzrouter2.dyndns.org
WAN2 IP