SonicWALL 3 Home Security System User Manual


 
SONICWALL SONICOS STANDARD 3.0 ADMINISTRATORS GUIDE
Site to Site VPN Configurations
11. Click the Advanced tab. Select any optional configuration options you want to apply to your VPN
policy in the Advanced Settings section.
Enable Keep Alive - Select this setting if you want to maintain the current connection by
listening for traffic on the network segment between the two connections. If multiple VPN
tunnels are configured on the SonicWALL, select Try to bring up all possible tunnels to have
the SonicWALL renegotiate the tunnels if they lose communication with the
SonicWALL.
Require authentication of local users - requires that all outbound VPN traffic from this SA be
from an authenticated source.
Require authentication of remote users - requires that all inbound VPN traffic for this SA be
from an authenticated user. Select Remote users behind VPN gateway if remote users have a
VPN tunnel that terminates on the VPN gateway. Select Remote VPN clients with XAUTH if
remote users require authentication using XAUTH and access the SonicWALL via a VPN
client.
Enable Secure Wireless Bridging - enables a WiFiSec VPN policy between SonicWALL
wireless gateways.
Enable Windows Networking (NetBIOS) broadcast - allows access to remote
network resources by browsing the Windows® Network Neighborhood.
Apply NAT and Firewall Rules - This feature allows a remote site’s LAN subnet to be hidden
from the corporate site, and is most useful when a remote office’s network traffic is initiated to
the corporate office. The IPSec tunnel is located between the SonicWALL WAN interface and
the LAN segment of the corporation. To protect the traffic, NAT
(Network Address Translation) is performed on the outbound packet before it is sent through
the tunnel, and in turn, NAT is performed on inbound packets when they are
received. By using NAT for a VPN connection, computers on the remote LAN are viewed as
one address (the SonicWALL public address) from the corporate LAN.
Forward Packets to Remote VPNs - allows the remote VPN tunnel to participate in the
SonicWALL routing table. Inbound traffic is decrypted and can be forwarded to a remote site
via another VPN tunnel. Normally, inbound traffic is decrypted and only forwarded to the
SonicWALL LAN or a specific route on the LAN configured on the Routing page located in the
Network section. Enabling this feature allows a network administrator to create a “hub and
spoke” network configuration by forwarding inbound traffic to a remote site via a VPN security
association. To create a “hub and spoke” network, select the Forward Packets to Remote