Filter
Top Products
SONICWALL SONICOS ENHANCED 2.5 ADMINISTRATOR’S GUIDE
169
Site-to-Site VPN Configurations
Site-to-Site VPN Configurations
When designing VPN connections, be sure to document all pertinent IP Addressing information and
create a network diagram to use as a reference. A sample planning sheet is provided on the next
page. The SonicWALL must have a routable WAN IP Address whether it is dynamic or static. In a
VPN network with dynamic and static IP addresses, the VPN gateway with the dynamic address must
initiate the VPN connection.
Site-to-Site VPN configurations can include the following options:
• Branch Office (Gateway to Gateway) - A SonicWALL is configured to connect to another
SonicWALL via a VPN tunnel. Or, a SonicWALL is configured to connect via IPSec to another
manufacturer’s firewall.
• Hub and Spoke Design - All SonicWALL VPN gateways are configured to connect to a central
SonicWALL (hub), such as a corporate SonicWALL. The hub must have a static IP address, but
the spokes can have dynamic IP addresses. If the spokes are dynamic, the hub must be a
SonicWALL.
• Mesh Design - All sites connect to all other sites. All sites must have static IP addresses.
VPN Planning Sheet for Site-to-Site VPN Policies
You need the information below before you begin configuring Site-to-Site VPN Policies.
Site A
Workstation
LAN IP Address: ___.___.___.___
Subnet Mask: ___.___.___.___
Default Gateway: ___.___.___.___
SonicWALL
LAN IP Address: ___.___.___.___
WAN IP Address: ___.___.___.___
Subnet Mask: ___.___.___.___
Default Gateway: ___.___.___.___
Router
Internet Gateway
WAN IP Address: ___.___.___.___
Subnet Mask: ___.___.___.___
DNS Server #1: ___.___.___.___
DNS Server #2: ___.___.___.___