VPN > Settings
547
SonicOS Enhanced 4.0 Administrator Guide
–
AES-192
–
AES-256
–
Authentication:
–
MD5
–
SHA1
–
Enable Perfect Forward Secrecy
–
DH Group (if perfect forward secrecy is enabled):
–
Group 1
–
Group 2
–
Group 5
Note The Windows 2000 L2TP client and Windows XP L2TP client can only work with DH Group
2. They are incompatible with DH Groups 1 and 5.
–
Life Time (seconds): (default 28800)
• Enable Keep Alive
• Suppress automatic Access Rules creation for VPN Policy
• Require authentication of VPN clients by XAUTH (not with IKEv2)
–
User Group for XAUTH users (the user group that will have access to this VPN if
XAUTH is selected):
• Enable Windows Networking (NetBIOS) Broadcast
• Enable Multicast
• Apply NAT Policies
–
Translated Local Network:
–
Translated Remote Network:
• Enable OCSP Checking (IKE with 3rd Party Certificate only)
–
OCSP Responder URL: (IKE with 3rd Party Certificate only)
• Management via this SA:
HTTP
HTTPS
• User login via this SA:
HTTP
HTTPS
• Default LAN Gateway (optional):
• VPN Policy bound to:
Zone WAN
• Do not send trigger packet during IKE SA negotiation (IKEv2 only)