Filter
Top Products
SONICWALL SONICOS STANDARD 3.0 ADMINISTRATOR’S GUIDE
211
Configuring GroupVPN Policy on the SonicWALL
VPN Terminated at the LAN, OPT/DMZ/WLAN, or LAN/OPT/DMZ/WLAN - Selecting this
option allows you to terminate a VPN tunnel on a specific destination instead of allowing the
VPN tunnel to terminate on the entire SonicWALL network. By terminating the VPN tunnel to a
specific destination, the VPN tunnel has access to a specific portion of the destination LAN or
OPT/DMZ/WLAN network.
Require Authentication of VPN Clients via XAUTH - requires that all inbound traffic on this
SA is from an authenticated user. Unauthenticated traffic is not allowed on the VPN tunnel.
10
Click on the Client tab and select any of the following boxes that you want to apply to Global VPN
Client provisioning:
Cache XAUTH User Name and Password - Allows Global VPN Client to cache any username
and password required for XAUTH user authentication. The drop-down list provides the following
options:
Never - Global VPN Client is not allowed to cache username and password. The user will be
prompted for a username and password when the connection is enabled and also every time
there is an IKE phase 1 rekey.
Single Session - The user will be prompted for username and password each time the
connection is enabled and will be valid until the connection is disabled. This username and
password is used through IKE phase 1 rekey.
Always - The user will be prompted for username and password only once when connection is
enabled. When prompted, the user will be given the option of caching the username and
password.
Virtual Adapter Settings - The use of the Virtual Adapter by the Global VPN Client (GVC) has
always been dependent upon a DHCP server, either the internal SonicOS or a specified external
DHCP server, to allocate addresses to the Virtual Adapter. In instances where predictable
addressing was a requirement, it was necessary to obtain the MAC address of the Virtual Adapter,
and to create a DHCP lease reservation.
To reduce the administrative burden of providing predictable Virtual Adapter addressing, you can
configure the GroupVPN to accept static addressing of the Virtual Adapter's IP configuration. This
feature requires the use of GVC version 3.0 or later.
None - A Virtual Adapter will not be used by this GroupVPN connection.
DHCP Lease - The Virtual Adapter will obtain its IP configuration from the DHCP Server only,
as configure in the VPN > DHCP over VPN page.