1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. SRX5308
    5. /
  5. 9
Page 41 / 469 Scroll up to view Page 36 - 40
IPv4 and IPv6 Internet and WAN Settings
41
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Configure Load Balancing Mode and Optional Protocol Binding for
IPv4
Interfaces
To use multiple ISP links simultaneously, configure load balancing. In load balancing mode,
any WAN port carries any outbound protocol unless protocol binding is configured.
When a protocol is bound to a particular WAN port, all outgoing traffic of that protocol is
directed to the bound WAN port. For example, if the HTTPS protocol is bound to the WAN1
port and the FTP protocol is bound to the WAN2 port, the VPN firewall automatically routes
all outbound HTTPS traffic from the computers on the LAN through the WAN1 port. All
outbound FTP traffic is routed through the WAN2 port.
Protocol binding addresses two issues:
Segregation of traffic between links that are not of the same speed.
High-volume traffic can be routed through the WAN port connected to a high-speed link,
and low-volume traffic can be routed through the WAN port connected to the low-speed
link.
Continuity of source IP address for secure connections.
Some services, particularly HTTPS, cease to respond when a client’s source IP address
changes shortly after a session has been established.
Configure Load Balancing Mode for IPv4 Interfaces
To configure load balancing mode:
1.
Select
Network Configuration > WAN Settings > WAN Mode
. The WAN Mode screen
displays:
Figure 20.
2.
In the Load Balancing Settings section of the screen, configure the following settings:
a.
Select the
Load Balancing Mode
radio button.
Page 42 / 469
IPv4 and IPv6 Internet and WAN Settings
42
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
b.
From the corresponding drop-down list on the right, select one of the following load
balancing methods:
Weighted LB
. With weighted load balancing, balance weights are calculated
based on WAN link speed and available WAN bandwidth. This is the default
setting and most efficient load balancing algorithm.
Round-robin
. With round-robin load balancing, new traffic connections are sent
over a WAN link in a serial method irrespective of bandwidth or link speed. For
example, if the WAN1, WAN2, and WAN3 interfaces are active in round-robin load
balancing mode, an HTTP request could first be sent over the WAN1 interface,
then a new FTP session could start on the WAN2 interface, and then any new
connection to the Internet could be made on the WAN3 interface. This
load
balancing method ensures that a single WAN interface does not carry a
disproportionate distribution of sessions.
3.
Click
Apply
to save your settings.
Configure Protocol Binding for IPv4 Interfaces (Optional)
To configure protocol binding and add protocol binding rules:
1.
Select
Network Configuration > Protocol Binding
.
2.
Select the
Load Balancing
radio button. The Protocol Bindings screen displays. (The
following figure shows two examples in the Protocol Bindings table.)
Figure 21.
The Protocol Bindings table displays the following fields:
Check box
.
Allows you to select the protocol binding rule in the table.
Status icon
. Indicates the status of the protocol binding rule:
-
Green circle. The protocol binding rule is enabled.
-
Gray circle. The protocol binding rule is disabled.
Service
. The service or protocol for which the protocol binding rule is set up.
Local Gateway
. The WAN interface to which the service or protocol is bound.
Source Network
. The computers or groups on your network that are affected by the
protocol binding rule.
Page 43 / 469
IPv4 and IPv6 Internet and WAN Settings
43
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Destination Network
. The Internet locations (based on their IP address) or groups
that are covered by the protocol binding rule.
Action
. The Edit table button, which provides access to the Edit Protocol Binding
screen for the corresponding service.
3.
Click the
Add
table button below the Protocol Binding table. The Add Protocol Binding
screen displays:
Figure 22.
4.
Configure the protocol binding settings as described in the following table:
Table 6.
Add Protocol Binding screen settings
Setting
Description
Service
From the drop-down list, select a service or application to be covered by this rule. If the
service or application does not appear in the list, you need to define it using the Services
screen (see
Add Customized Services
on page
177).
Local Gateway
From the drop-down list, select one of the WAN interfaces.
Source Network
The source network settings determine which computers on your network are affected by
this rule. Select one of the following options from the drop-down list:
Any
All devices on your LAN.
Single address
In the Start IP field, enter the IP address to which the rule is applied.
Address Range
In the Start IP field and End IP field, enter the IP addresses for the
range to which the rule is applied.
Group
If this option is selected, the rule is applied to the selected group.
The group can be a LAN group or an IP (LAN) group.
Note:
For information about LAN groups, see
Manage IPv4 Groups
and Hosts (IPv4 LAN Groups)
on page
96. For information about IP
groups, see
Create IP Groups
on page
179.
Page 44 / 469
IPv4 and IPv6 Internet and WAN Settings
44
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
5.
Click
Apply
to save your settings. The protocol binding rule is added to the Protocol Binding
table. The rule is automatically enabled, which is indicated by the ! status icon that displays
a green circle.
To edit a protocol binding:
1.
On the Protocol Bindings screen (see
Figure
21
on page
42), in the Protocol Bindings
table, click the
Edit
table button to the right of the binding that you want to edit. The Edit
Protocol Bindings screen displays. This screen shows the same fields as the Add Protocol
Bindings screen (see the previous figure).
2.
Modify the settings as described in the previous table.
3.
Click
Apply
to save your settings.
To enable, disable, or delete one or more protocol bindings:
1.
On the Protocol Bindings screen (see
Figure
21
on page
42), select the check box to the
left of the protocol binding that you want to enable, disable, or delete, or click the
Select
All
table button to select all bindings.
2.
Click one of the following table buttons:
Enable
.
Enables the binding or bindings. The ! status icon changes from a gray circle
to a green circle, indicating that the selected binding or bindings are enabled. (By
default, when a binding is added to the table, it is automatically enabled.)
Disable
.
Disables the binding or bindings. The ! status icon changes from a green
circle to a gray circle, indicating that the selected binding or bindings are disabled.
Delete
.
Deletes the binding or bindings.
Destination
Network
The destination network settings determine which Internet locations (based on their IP
address) are covered by the rule. Select one of the following options from the drop-down
list:
Any
All Internet IP address.
Single address
In the Start IP field, enter the IP address to which the rule is applied.
Address range
In the Start IP field and Finish field, enter the IP addresses for the
range to which the rule is applied.
Group
If this option is selected, the rule is applied to the selected IP (WAN)
group.
Note:
For information about IP groups, see
Create IP Groups
on
page
179.
Table 6.
Add Protocol Binding screen settings (continued)
Setting
Description
Page 45 / 469
IPv4 and IPv6 Internet and WAN Settings
45
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Configure the Auto-Rollover Mode and Failure Detection Method for
IPv4
Interfaces
To use a redundant ISP link for backup purposes, ensure that the backup WAN interface has
already been configured. Then select the WAN interface that should function as the primary
link for this mode, and configure the WAN failure detection method on the WAN Mode screen
to support auto-rollover.
When the VPN firewall is configured in auto-rollover mode, it uses the selected WAN failure
detection method to detect the status of the primary link connection at regular intervals. For
IPv4 interfaces, the VPN firewall detects link failure in one of the following ways:
By sending DNS queries to a DNS server
By sending a ping request to an IP address
From the primary WAN interface, DNS queries or ping requests are sent to the specified IP
address. If replies are not received, after a specified number of retries, the primary WAN
interface is considered down and a rollover to the backup WAN interface occurs. When the
primary WAN interface comes back up, another rollover occurs from the backup WAN
interface back to the primary WAN interface. The WAN failure detection method that you
select applies only to the primary WAN interface, that is, it monitors the primary link only.
Configure Auto-Rollover Mode for IPv4 Interfaces
To configure auto-rollover mode:
1.
Select
Network Configuration > WAN Settings > WAN Mode
. The WAN Mode screen
displays:
Figure 23.

Rate

3.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top