170
SONICWALL SONICOS ENHANCED 2.5 ADMINISTRATOR’S GUIDE
C
HAPTER
29:
Configuring VPN Policies
Additional Information
SA Name:____________________
Manual Key, SPI In_____ SPI Out_____
Enc.Key:____________________
Auth.Key:___________________
If Preshared Secret,
Shared Secret:___________________
Local IKE ID and Remote IKE ID
Phase 1 DH - 1 2 5
SA Lifetime 28800 or ____________
Phase 1 Enc/Auth DES 3DES AES-128 AES-256 MD5 SHA1 (circle)
Phase 2 Enc/Auth DES 3DES AES-128 AES-256 MD5 SHA1 (circle)
ARC NULL
Local Network in a VPN Policy
__ Choose local network from list
__ Local network obtains IP addresses using DHCP through this VPN tunnel
__ Any address
Remote Networks
__ Use this VPN tunnel as a default route for all Internet traffic
__ Destination network obtains address using DHCP through this VPN tunnel
__ Choose destination network from list
Primary IPSec Gateway/Secondary IPSec Gateway
Creating Site-to-Site VPN Policies
You can create or modify existing VPN policies using the VPN Policy window. Clicking the Add button
under the VPN Policies table displays the VPN Policy window for configuring the following IPSec
Keying mode VPN policies:
• IKE using Preshared Key
• Manual Key
• IKE using 3rd Party Certificates