ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
B-12 Network Planning for Dual WAN Ports (UTM25 Only)
v1.0, September 2009
The IP addresses of the WAN ports can be either fixed or dynamic, but you must always use a
FQDN because the active WAN port could be either WAN1 or WAN2 (that is, the IP address of the
active WAN port is not known in advance).
After a rollover of the WAN port has occurred, the previously inactive gateway WAN port
becomes the active port (port WAN2 in Figure B-11) and the remote PC client must re-establish
the VPN tunnel. The gateway WAN port must act as the responder.
The purpose of the FQDN in this case is to toggle the domain name of the gateway firewall
between the IP addresses of the active WAN port (that is, WAN1 and WAN2) so that the remote
PC client can determine the gateway IP address to establish or re-establish a VPN tunnel.
Figure B-10
Figure B-11