SONICWALL SONICOS ENHANCED 2.5 ADMINISTRATOR’S GUIDE
165
Configuring GroupVPN Policies
5
Click the Client tab, select any of the following settings you want to apply to your GroupVPN
policy.
Cache XAUTH User Name and Password on Client - allows the Global VPN Client to cache
the user name and password.
à Never - Global VPN Client is not allowed to cache the username and password. The user
will be prompted for a username and password when the connection is enabled, and also
every time there is an IKE Phase 1 rekey.
à Single Session - Global VPN Client user prompted for username and password each time
the connection is enabled and will be valid until the connection is disabled. The username
and password is used through IKE Phase 1 rekey.
à Always - Global VPN Client user prompted for username and password only once when
connection is enabled. When prompted, the user will be given the option of caching the
username and password.
Allow Connections to - Client network traffic matching destination networks of each gateway
is sent through the VPN tunnel of that specific gateway.
à This Gateway Only - Allows a single connection to be enabled at a time. Traffic that
matches the destination networks as specified in the policy of the gateway is sent through
the VPN tunnel. If this option is selected along with Set Default Route as this Gateway, then
the Internet traffic is also sent through the VPN tunnel. If this option is selected without
selecting Set Default Route as this Gateway, then the Internet traffic is blocked.
à All Secured Gateways - Allows one or more connections to be enabled at the same time.
Traffic matching the destination networks of each gateway is sent through the VPN tunnel of
that specific gateway. If this option is selected along with Set Default Route as this
Gateway, then Internet traffic is also sent through the VPN tunnel. If this option is selected
without Set Default Route as this Gateway, then the Internet traffic is blocked. Only one of
the multiple gateways can have Set Default Route as this Gateway enabled.
à Split Tunnels - Allows the VPN user to have both local Internet connecivity and VPN
connectivity.
Set Default Route as this Gateway - Enable this check box if all remote VPN connections
access the Internet through this VPN tunnel. You can only configure one VPN policy to use this
setting.
Use DHCP to obtain Virtual IP for this Connection - allows the VPN Client to obtain an IP
address using DHCP over VPN.