Page 36 / 240 Scroll up to view Page 31 - 35
ProSafe VPN Firewall 200 FVX538 Reference Manual
2-10
Connecting the FVX538 to the Internet
v1.0, March 2009
When the router is configured in Auto-Rollover Mode, the router uses the
WAN Failure
Detection Method
to check the connection of the primary link at regular intervals to detect router
status. Link failure is detected in one of the following ways:
By using DNS queries to a DNS server, or
By a Ping to an IP address.
For each WAN interface, DNS queries or Ping requests are sent to the specified IP address. If
replies are not received, the corresponding WAN interface is considered down.
To configure the dual WAN ports for Auto-Rollover
1.
Select
Network Configuration
from the primary menu and
WAN Mode
from the secondary
menu. The WAN Mode screen will display.
2.
In the
Port Mode
section, check the
Auto-Rollover Using WAN port
radio box.
3.
Selection the WAN port that will act as the primary link for this mode from the pull-down
menu.
4.
From the
WAN Failure detection Method
section, select the detection failure method radio
box from one of the following choices:
DNS lookup using configured DNS Servers (ISP DNS Servers)
– In this case, DNS
queries are sent to the DNS server configured on the WAN ISP pages (see
“Configuring
the Internet Connections to Your ISPs” on page 2-2
).
DNS lookup using this DNS Server
(for example, a public DNS Server) – Enter any
public DNS server. DNS queries are sent to this server through the WAN interface being
monitored.
Ping to this IP address
– Enter a public IP address that will not reject the Ping request or
will not consider the traffic abuse. Queries are sent to this server through the WAN
interface being monitored.
5.
Enter a
Test Period
in seconds. DNS query is sent periodically after every test period. The
default test period is 30 seconds.
Page 37 / 240
ProSafe VPN Firewall 200 FVX538 Reference Manual
Connecting the FVX538 to the Internet
2-11
v1.0, March 2009
6.
Enter the
Maximum Failover
amount. The WAN interface is considered down after the
configured number of queries have failed to elicit a reply. The rollover link is brought up after
this. The Failover default is 4 failures.
The default time to roll over after the primary WAN interface fails is 2 minutes (a 30-second
minimum test period, times a minimum of 4 tests).
7.
Click
Apply
to save your settings.
8.
Click
Reset
to revert to the previous settings.
Once a rollover occurs, an alert will be generated (see
“E-Mail Notifications of Event Logs and
Alerts” on page 4-39
). When notified that the failed WAN interface has been restored, you can
force traffic back on the original primary WAN interface by reapplying the Auto-Rollover settings
in the WAN Port Mode menu.
Figure 2-4
Page 38 / 240
ProSafe VPN Firewall 200 FVX538 Reference Manual
2-12
Connecting the FVX538 to the Internet
v1.0, March 2009
Setting Up Load Balancing
To use multiple ISP links simultaneously, select Load Balancing. In Load Balancing mode, both
links will carry data for the protocols that are bound to them. For example, if the HTTP protocol is
bound to WAN1 and the FTP protocol is bound to WAN2, then the router will automatically
channel FTP data from and to the computers on the LAN through the WAN2 port. All HTTP
traffic will be routed through the WAN1 port.
Load Balancing can be used to segregate traffic between links that are not of the same speed. High
volume traffic can be routed through the port connected to a high speed link and low volume
traffic can be routed through the port connected to the low speed link.
To configure the dual WAN ports for load balancing with protocol binding:
1.
Check the Load Balancing radio button on the WAN Mode screen shown in
Figure 2-4
above,
and click
view protocol bindings
(if protocol binding is needed)
.
The
WAN1 Protocol
Bindings
screen will display.
2.
Enter the following data in the
Add Protocol Binding
section:
Note:
NETGEAR recommends that all specific traffic (for example, HTTP) be
configured for the WAN2 port. The only way to make certain traffic goes out one
port and all other traffic goes out the other port is to use WAN2 for specified
traffic.
Figure 2-5
Page 39 / 240
ProSafe VPN Firewall 200 FVX538 Reference Manual
Connecting the FVX538 to the Internet
2-13
v1.0, March 2009
a.
Service
– From the pull-down menu, select the desired Services or applications to be
covered by this rule. If the desired service or application does not appear in the list, you
must define it using the Services menu (see
“Services-Based Rules” on page 4-2
).
b.
Destination Network
– These settings determine which Internet locations are covered by
the rule, based on their IP address. Select the desired option:
Any
– All Internet IP address are covered by this rule.
Single address
– Enter the required address in the start fields.
Address range
– If this option is selected, you must enter the start and finish fields.
c.
Source Network
– These settings determine which computers on your network are
affected by this rule. Select the desired options:
Any
– All PCs and devices on your LAN.
Single address
– Enter the required address and the rule will be applied to that
particular PC.
Address range
– If this option is selected, you must enter the start and finish fields.
Group 1-Group 8
– If this option is selected, the devices assigned to this group will
be affected. (You may also assign a customized name to the group. See
Edit Group
Names
on the
Groups and Hosts
menu in the
LAN Groups
sub-menu.)
3.
Click
Add
in the Add column adjacent to the rule
.
The new Protocol Binding Rule will be
enabled and added to the Protocol Binding Table for the WAN1 port.
Select the
WAN2 Protocol Bindings
tab, and repeat steps 1 through 9, to set protocol bindings
for the WAN2 port.
To Edit or Add additional Protocol Binding settings:
1.
Select
Network Configuration
from the main menu and
Protocol Binding
from the
submenu. The
WAN1 Protocol Bindings
screen will display.
You can add or edit protocol bindings to either the WAN1 port or click the
WAN2 Protocol
Bindings
tab to access the
WAN2 Protocol Bindings
screen. To add a new protocol binding,
following the preceding procedure.
2.
Check the radio button adjacent to the protocol binding rule you want to modify. Click
Edit
in
the Action column adjacent to the rule. The
Edit Protocol Binding
screen will display.
Page 40 / 240
ProSafe VPN Firewall 200 FVX538 Reference Manual
2-14
Connecting the FVX538 to the Internet
v1.0, March 2009
3.
Modify the parameters for the protocol binding service you selected.
4.
Click
Apply.
The modified rule will be enabled and appear in the Protocol Binding table.
5.
Click
Reset
to return to the previously configured settings.
Configuring Dynamic DNS (If Needed)
Dynamic DNS (DDNS) is an Internet service that allows routers with varying public IP addresses
to be located using Internet domain names. To use DDNS, you must setup an account with a
DDNS provider such as DynDNS.org, TZO.com, or Oray.net. (Links to DynDNS, TZO, and Oray
are provided for your convenience on the
Dynamic DNS Configuration
screen.) The VPN
firewall firmware includes software that notifies dynamic DNS servers of changes in the WAN IP
address, so that the services running on this network can be accessed by others on the Internet.
If your network has a permanently assigned IP address, you can register a domain name and have
that name linked with your IP address by public Domain Name Servers (DNS). However, if your
Internet account uses a dynamically assigned IP address, you will not know in advance what your
Figure 2-6

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top