ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
3-10
Manually Configuring Internet and WAN Settings
v1.0, September 2009
•
Load Balancing Mode
. The UTM distributes the outbound traffic equally among the WAN
interfaces that are functional.
•
Single WAN Port Mode
. The selected WAN interface is made primary and the other is
disabled.
For whichever WAN mode you choose, you must also choose either NAT or classical routing, as
explained in the following sections.
Network Address Translation (UTM10 and UTM25)
Network Address Translation (NAT) allows all PCs on your LAN to share a single public Internet
IP address. From the Internet, there is only a single device (the UTM) and a single IP address. PCs
on your LAN can use any private IP address range, and these IP addresses are not visible from the
Internet.
•
The UTM uses NAT to select the correct PC (on your LAN) to receive any incoming data.
•
If you only have a single public Internet IP address, you must use NAT (the default setting).
•
If your ISP has provided you with multiple public IP addresses, you can use one address as the
primary shared address for Internet access by your PCs, and you can map incoming traffic on
the other public IP addresses to specific PCs on your LAN. This one-to-one inbound mapping
is configured using an inbound firewall rule.
To configure NAT:
1.
Select
Network Config
>
WAN Settings
from the menu, then click the
WAN Mode
tab. The
WAN Mode screen displays (see
Figure 3-8 on page 3-12
).
2.
In the NAT (Network Address Translation) section of the screen select the
NAT
radio button.
3.
Click
Apply
to save your settings.
Classical Routing (UTM10 and UTM25)
In classical routing mode, the UTM performs routing, but without NAT. To gain Internet access,
each PC on your LAN must have a valid static Internet IP address.
Note:
Scenarios could arise when load balancing needs to be bypassed for certain
traffic or applications. If certain traffic needs to travel on a specific WAN
interface, configure protocol binding rules for that WAN interface. The rule
should match the desired traffic.