Filter
Top Products
SONICWALL SONICOS ENHANCED 2.5 ADMINISTRATOR’S GUIDE
341
Configuring a Site-to-Site VPN using the VPN Wizard
For this example, select LAN Subnets.
• Destination Networks: Select the network resources on the destination end of the VPN Tun-
nel. If the object or group does not exist, select Create new Address Object or Create new
Address Group.
For example:
a
Select Create new Address Group.
b
In the Name field, enter “LAN Group”.
c
In the list on the left, select LAN Subnets and click the -> button.
d
Click OK to create the group and return to the Network Selection page.
e
In the Destination Networks field, select the newly created group.
7.
Click Next.
8.
In the IKE Security Settings page, select the security settings for IKE Phase 2 negotiations and
for the VPN tunnel. You can use the default settings.
• DH Group: The Diffie-Hellman (DH) group are the group of numbers used to create the key
pair. Each subsequent group uses larger numbers to start with. You can choose Group 1,
Group 2, or Group 5. The VPN Uses this during IKE negotiation to create the key pair.
• Encryption: This is the method for encrypting data through the VPN Tunnel. The methods are
listed in order of security. DES is the least secure and the and takes the least amount of time to
encrypt and decrypt. AES-256 is the most secure and takes the longest time to encrypt and
decrypt. You can choose. DES, 3DES, AES-128, or AES-256. The VPN uses this for all data
through the tunnel
• Authentication: This is the hashing method used to authenticate the key, once it is exchanged
during IKE negotiation. You can choose MD5 or SHA-1.
• Life Time (seconds): This is the length of time the VPN tunnel stays open before needing to
re-authenticate. The default is eight hours (28800).