26
|
Chapter 2:
Connecting the VPN Firewall to the Internet
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336Gv2 Reference Manual
Enter the following data in the Add Protocol Binding section on screen:
a.
Service
. From the drop-down list, choose the desired service or application to be
covered by this rule. If the desired service or application does not appear in the list,
you must define it using the Services screen (see
“Adding Customized Services”
on
page 57).
b. Source Network
. These settings determine which computers on your network are
affected by this rule. Select the desired options:
•
Any
. All PCs and devices on your LAN.
•
Single address
. Enter the required address and the rule will be applied to that
particular PC.
•
Address range
. If this option is selected, you must enter the start and finish fields.
•
Group 1-Group 8
. If this option is selected, the devices assigned to this group will
be affected. (You may also assign a customized name to the group. See
Edit
Group Names
on the
Groups and Hosts
screen in the
LAN Groups
submenu.)
c. Destination Network
. These settings determine which Internet locations are
covered by the rule, based on their IP address. Select the desired option:
•
Any
. All Internet IP address are covered by this rule.
•
Single address
. Enter the required address in the start field.
•
Address range
. If this option is selected, you must enter the start and finish fields.
4.
Click
Add
to save this rule
.
The new Protocol Binding Rule will be enabled and added to the Protocol Binding Table
for the WAN1 port.
5.
Open the
WAN2 Protocol Bindings
tab and repeat the previous steps to set protocol
bindings for the WAN2 port.
Configuring Dynamic DNS (Optional)
Dynamic DNS (DDNS) is an Internet service that allows routers with varying public IP
addresses to be located using Internet domain names. To use DDNS, you must setup an
account with a DDNS provider such as DynDNS.org, TZO.com, Oray.net, or 3322.org. (Links
to DynDNS, TZO, Oray, and 3322 are provided for your convenience on the Dynamic DNS
Configuration screen.) The VPN firewall firmware includes software that notifies dynamic
DNS servers of changes in the WAN IP address, so that the services running on this network
can be accessed by others on the Internet.
If your network has a permanently assigned IP address, you can register a domain name and
have that name linked with your IP address by public Domain Name Servers (DNS).
However, if your Internet account uses a dynamically assigned IP address, you will not know
in advance what your IP address will be, and the address can change frequently—hence, the
need for a commercial DDNS service, which allows you to register an extension to its
domain, and restores DNS requests for the resulting FQDN to your frequently-changing IP
address.