NETGEAR ProSafe FVX538 User Manual

Page 17

Advertising
background image

Network Planning Guide for ProSafe VPN Firewall Router FVX538

Network Planning

2-7

October 2004

For the single gateway WAN port case, the mechanism is to use a fully-qualified domain name
(FQDN) when the IP address is dynamic and to use either an FQDN or the IP address itself when
the IP address is fixed. The situation is different when dual gateway WAN ports are used in a
failover-based system.

Failover Case for Dual Gateway WAN Ports

Failover (

Figure 2-8

) for the dual gateway WAN port case is different from the single gateway

WAN port case when specifying the IP address of the VPN tunnel end point. Only one WAN
port is active at a time and when it fails over, the IP address of the active WAN port always
changes. Hence, the use of a fully-qualified domain name is always required, even when the IP
address of each WAN port is fixed.

Figure 2-8: Dual gateway WAN ports before and after failover

Load Balancing Case for Dual Gateway WAN Ports

Load balancing (

Figure 2-9

) for the dual gateway WAN port case is the same as the single

gateway WAN port case when specifying the IP address of the VPN tunnel end point. Each IP
address is either fixed or dynamic based on the ISP: fully-qualified domain names must be
used when the IP address is dynamic and are optional when the IP address is static.

Figure 2-9: Dual gateway WAN ports for load balancing

Note: Once the gateway router WAN port fails over, the VPN tunnel collapses and must
be re-established using the new WAN IP address.

Gateway

netgear.dyndns.org

WAN1 IP

Dual WAN Ports (Before Failover)

VPN Router

WAN2 IP (N/A)

WAN2 port inactive

Gateway

WAN1 port inactive

WAN1 IP (N/A)

Dual WAN Ports (After Failover)

VPN Router

WAN2 IP

netgear.dyndns.org

IP address of active WAN port changes after a failover (use of fully-qualified domain names always required)

X

X

X

X

Gateway

netgear1.dyndns.org

WAN1 IP

Dual WAN Ports (Load Balancing)

VPN Router

WAN2 IP

netgear2.dyndns.org

IP addresses of WAN ports same as single
WAN port case (use of fully-qualified domain
names required for dynamic IP addresses
and optional for fixed IP addresses)

Advertising
Popular Brands
Popular manuals