Specifications

ManualsBrandsWaters Network Systems ManualsComputer equipmentProSwitch-Quad Series

411

412

413

414

415

416

417

418

419

420

Network Planning for Multiple WAN Ports

414

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

What to Consider Before You Begin

• Cabling and Computer Hardware Requirements

• Computer Network Configuration Requirements

• Internet Configuration Requirements

The VPN firewall is a powerful and versatile solution for your networking needs. To make the

configuration process easier and to understand all of the choices that are available to you,

consider the following before you begin:

1. Plan your network.

a. Determine whether you will use one or several W

AN ports. For one W

AN port, you

might need a fully qualified domain name either for convenience or to remotely

access a dynamic WAN IP address.

b. If you intend to use several WAN ports, determine whether you will use them in

auto-rollover mode for increased system reliability or load balancing mode for

maximum bandwidth ef

ficiency. See the topics in this appendix for more information.

Your decision has the following implications:

• Fully qualified domain name (FQDN)

- For auto-rollover mode, you need an FQDN to implement features such as

exposed hosts and virtual private networks.

- For load balancing mode, you might still need an FQDN either for convenience

or to remotely access a dynamic WAN IP address.

• Protocol binding.

- For auto-rollover mode, protocol binding does not apply

For load balancing mode, decide which protocols should be bound to a

specific WAN port.

- You can also add your own service protocols to the list.

2. Set up your accounts.

a. Obtain active Internet services such as DSL broadband accounts, and locate the

Internet service provider (ISP) configuration information.

• In this manual, the WAN side of the network is presumed to be provisioned as

shown in the following figure, with two ISPs connected to the VPN firewall through

separate physical facilities.

• Each WAN port needs to be configured separately

, whether you are using a

separate ISP for each WAN port or you are using the same ISP to route the traffic

of both WAN ports.

• If your ISP charges by the volume of data traffic each month, consider enabling

the VPN firewall’

s traffic meter to monitor or limit your traffic.