Filter
Top Products
VPN > Settings
572
SonicOS Enhanced 4.0 Administrator Guide
Configuring the Remote SonicWALL Security Appliance
Step 1 Click Add on the VPN > Settings page. The VPN Policy window is displayed.
Step 2 In the General tab, select Manual Key from the IPsec Keying Mode menu.
Step 3 Enter a name for the SA in the Name field.
Step 4 Enter the host name or IP address of the local connection in the IPsec Gateway Name or
Address field.
Step 5 Click the Network tab.
Step 6 Select a local network from Choose local network from list if a specific local network can
access the VPN tunnel. If traffic can originate from any local network, select Any Address.
Select Use this VPN Tunnel as default route for all Internet traffic if traffic from any local
user cannot leave the SonicWALL security appliance unless it is encrypted. You can only
configure one SA to use this setting. Alternatively, select Choose Destination network from
list, and select the address object or group.
Step 7 Click the Proposals tab.
Step 8 Define an Incoming SPI and an Outgoing SPI. The SPIs are hexadecimal
(0123456789abcedf) and can range from 3 to 8 characters in length.
Warning
Each Security Association must have unique SPIs; no two Security Associations can
share the same SPIs. However, each Security Association Incoming SPI can be the
same as the Outgoing SPI.
Step 9 The default values for Protocol, Phase 2 Encryption, and Phase 2 Authentication are
acceptable for most VPN SA configurations.
Note The values for Protocol, Phase 2 Encryption, and Phase 2 Authentication must match
the values on the remote SonicWALL.
Step 10 Enter a 16 character hexadecimal encryption key in the Encryption Key field or use the default
value. This encryption key is used to configure the remote SonicWALL encryption key,
therefore, write it down to use when configuring the remote SonicWALL.
Step 11 Enter a 32 character hexadecimal authentication key in the Authentication Key field or use
the default value. Write down the key to use while configuring the remote SonicWALL settings.
Tip Valid hexadecimal characters include 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, and f.
1234567890abcdef is an example of a valid DES or ARCFour encryption key. If you enter
an incorrect encryption key, an error message is displayed at the bottom of the browser
window.
Step 12 Click the Advanced tab and select any of the following optional settings you want to apply to
your VPN policy:
–
The Suppress automatic Access Rules creation for VPN Policy setting is not
enabled by default to allow the VPN traffic to traverse the appropriate zones.
–
Select Enable Windows Networking (NetBIOS) broadcast to allow access to remote
network resources by browsing the Windows® Network Neighborhood.