Manualshelf

Specifications

ManualsBrandsWaters Network Systems ManualsComputer equipmentProSwitch-Quad Series
331332333334335336337338339340
Network and System Management
335
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
VPN, L2TP, and PPTP Tunnels
The VPN firewall supports site-to-site IPSec VPN tunnels, dedicated SSL VPN tunnels, L2TP
tunnels, and PPTP tunnels. Each tunnel requires extensive processing for encryption and
authentication, thereby increasing traffic through the WAN ports.
For information about IPSec VPN, L2TP, and PPTP tunnels, see Chapter 5, Virtual Private
Networking Using IPSec and L2TP Connections. For information about SSL VPN tunnels,
see Chapter 6, Virtual Private Networking Using SSL Connections.
Use QoS and Bandwidth Assignment to Shift the Traffic Mix
By setting the QoS priority and assigning bandwidth profiles to firewall rules, you can shift the
traffic mix to aim for optimum performance of the VPN firewall.
Set QoS Priorities
The QoS priority settings determine the Quality of Service for the traffic passing through the
VPN firewall.
You can create and assign QoS profiles to WAN interfaces. For more information about QoS
profiles for WAN interfaces, see Configure WAN QoS Profiles on page 76.
You can also create and assign a QoS profile (IPv4) or QoS priority (IPv6) to LAN WAN and
DMZ WAN outbound firewall rules. The QoS is set individually for each firewall rule. You can
change the mix of traffic through the WAN ports by granting some services a higher priority
than others:
You can accept the default priority defined by the service itself by not changing its QoS
priority
.
You can change the priority to a higher or lower value than its default setting to give the
service higher or lower priority than it otherwise would have.
For more information about QoS profiles, see
Create Quality of Service Profiles for IPv4
Firewall Rules on page 184 and Quality of Service Priorities for IPv6 Firewall Rules on
page 186.
Assign Bandwidth Profiles
When you set the QoS priority, the WAN bandwidth does not change. You change the WAN
bandwidth that is assigned to a service or application by applying a bandwidth profile to a
LAN WAN inbound or outbound rule. The purpose of bandwidth profiles is to provide a
method for allocating and limiting traffic, thus allocating LAN users sufficient bandwidth while
preventing them from consuming all the bandwidth on your WAN links.
For more information about bandwidth profiles, see Create Bandwidth Profiles on page 181.