ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual
2-10
Connecting to the Internet (WAN)
v1.0, October 2008
Configuring the WAN Mode
To access the WAN Mode, click on
Network Configuration > WAN Settings
and select the
WAN Mode tab.
The WAN mode page allows you to configure how your firewall uses the external Internet
connection. This screen gives you two choices for accessing the external Internet connection.
•
Network Address Translation (NAT)
. This technique allows several computers on a
LAN to share the same Internet connection (IP address) while using private IP address on
the LAN, which are hidden from the Internet.
•
Classical Routing
. This method allows the firewall to perform the routing, but requires
separate valid static Internet IP address for each PC on your LAN.
Network Address Translation
Network Address Translation (NAT) allows all PCs on your LAN to share a single public Internet
IP address. From the Internet, there is only a single device (the firewall) and a single IP address.
PCs on your LAN can use any private IP address range, and these IP addresses are not visible from
the Internet.
•
The firewall uses NAT to select the correct PC (on your LAN) to receive any incoming data.
•
If you only have a single public Internet IP address, you MUST use NAT. (the default setting).
•
If your ISP has provided you with multiple public IP addresses, you can use one address as the
primary shared address for Internet access by your PCs, and you can map incoming traffic on
the other public IP addresses to specific PCs on your LAN. This one-to-one inbound mapping
is configured using an inbound firewall rule.
Classical Routing
In classical routing mode, the firewall performs routing, but without NAT. To gain Internet access,
each PC on your LAN must have a valid static Internet IP address.
If your ISP has allocated a number of static IP addresses to you, and you have assigned one of
these addresses to each PC, you can choose classical routing. Or, you can use classical routing for
routing private IP addresses within a campus environment.
To learn the status of the WAN port, you can view the Router Status page (see
“Monitoring VPN
Tunnel Connection Status” on page 11-13
) or look at the LEDs on the front panel (see
“Front Panel
Features” on page 1-6
).