Filter
Top Products
166
SONICWALL SONICOS ENHANCED 2.5 ADMINISTRATOR’S GUIDE
C
HAPTER
29:
Configuring VPN Policies
Require Distributed Security Client for this Connection - only allows a VPN connection
from a remote computer running the SonicWALL Distributed Security Client, which provides
policy enforced firewall protection before allowing a Global VPN Client connection.
Note: For more information on the SonicWALL Global Security Client and Distributed Security Client,
see the SonicWALL Global Security Client Administrator’s Guide.
Use Default Key for Simple Client Provisioning - uses Aggressive mode for the initial
exchange with the gateway and VPN clients uses a default Preshared Key for authentication.
6
Click OK.
Configuring GroupVPN with IKE using 3rd Party
Certificates
To configure GroupVPN with IKE using 3rd Party Certificates, follow these steps:
S
Alert: Before configuring GroupVPN with IKE using 3rd Party Certificates, your certificates must be
installed on the SonicWALL.
1
In the VPN>Settings page click the Notepad icon under Configure. The VPN Policy window is
displayed.
2
In the Security Policy section, select IKE using 3rd Party Certificates from the IPSec Keying
Mode menu. The VPN policy name is GroupVPN by default and cannot be changed.
3
Select a certificate for the SonicWALL from the Gateway Certificate menu.
4
Select one of the following Peer ID types from the Peer ID Type menu.
E-Mail ID
Distinguished name
Domain name
5
Enter the Peer ID filter in the Peer ID Filter field.
6
Check Allow Only Peer Certificates Signed by Gateway Issuer to specify that peer certificates
must be signed by the issuer specified in the Gateway Certificate menu.
7
Click on the Proposals tab.
8
In the IKE (Phase 1) Proposal section, select the following settings:
Group 2 from the DH Group menu.
3DES from the Encryption menu.