Filter
Top Products
220
SONICWALL SONICOS STANDARD 3.0 ADMINISTRATOR’S GUIDE
C
HAPTER
36:
Configuring VPN Settings
Select an encryption method from the Encryption list for the VPN tunnel. If network speed is
preferred, then select DES. If network security is preferred, select 3DES. To compromise between
network speed and network security, select DES.
Select an authentication method from the Authentication list. SHA1 is preferred for network
security.
Leave the default value of 28800 (8 hours) as the Life Time (seconds) for the VPN Policy.
Click Next.
8
ESP is selected by default from the Protocol menu. ESP is more secure than AH, but AH requires
less processing overhead.
3DES is selected by default from the Encryption menu. Enter a 48-character hexadecimal key if
you are using 3DES encryption.Enter a 16-character hexadecimal key in the Encryption Key field
if you are using DES or ARCFour encryption. This encryption key must match the remote
SonicWALL's encryption key.
The default 48-character key is a unique key generated every time a VPN Policy is created.
AH is selected by default from the Authentication Key field. When a new SA is created, a 32-
character key is automatically generated in the Authentication Key field. This key can be used as
a valid key. If this key is used, it must also be entered in the Authentication Key field in the
remote SonicWALL. If authentication is not used, this field is ignored.
Click Next.
9
To enable the VPN policy immediately, click Apply. If you prefer to disable the policy initially,
select Create this Policy Disabled, and then click Apply.
Creating Site-to-Site VPN Policies Using the VPN Policy
Window
You can create or modify existing VPN policies using the VPN Policy window. Clicking the Add button
under the VPN Policies table displays the VPN Policy window for configuring the following IPSec
Keying mode VPN policies:
• IKE using Preshared Key
• Manual Key
• IKE using 3rd Party Certificates
9
Tip: You can create these policies using the VPN Policy Wizard.