Manualshelf

User's Manual Part 4

ManualsBrandsSonicwall ManualsElectronicsTA 170
11121314151617181920
Page 32 SonicWALL SonicOS Standard Administrator’s Guide
This Gateway Only - Allows a single connection to be enabled at a time. Traffic that matches the
destination networks as specified in the policy of this gateway is sent through the VPN tunnel. All
other traffic is blocked. If this option is selected along with Set Default Route as this Gateway,
then the Internet traffic is also sent through the VPN tunnel. If this option is selected without
selecting Set Default Route as this Gateway, then the Internet traffic is blocked.
All Secured Gateways - Allows one or more connections to be enabled at the same time. Traffic
matching the destination networks of each gateway is sent through the VPN tunnel of that specific
gateway. If this option is selected along with Set Default Route as this Gateway, then Internet
traffic is also sent through the VPN tunnel. If this option is selected without selecting Set Default
Route as this Gateway, then the Internet traffic is blocked. Only one of the multiple gateways can
have Set Default Route as this Gateway enabled.
Split Tunnels - Allows the VPN user to have both local Internet access and VPN connectivity.
Set Default Route as this Gateway - If checked, Global VPN Client traffic that does not match
selectors for the gateway’s protected subnets must also be tunnelled. In effect, this changes the
Global VPN Client’s default gateway to the gateway tunnel endpoint. If unchecked, the Global VPN
Client must drop all non-matching traffic if Allow traffic to This Gateway Only or All Secured Gateways
is selected.
Use DHCP to Obtain Virtual IP for this Connection - If set, this allows the Global VPN Client to
obtain the IP address and other attributes like DNS and WINS from an external DHCP server on the
LAN side of the gateway.
Require Distributed Security Client for this Connection - Allows a VPN connection from the
remote Global Security Client only if the remote computer is running the SonicWALL Distributed
Security Client, which provides policy enforced firewall protection.
Use Default Key for Simple Client Provisioning - If set, authentication of initial Aggressive mode
exchange uses a default Preshared Key by gateway and all Global VPN Clients. This allows for the
control of the use of the default registration key. If not set, then Preshared Key must be distributed
out of band.
13. Click OK.
14. Click Apply to enable the changes.
Export a GroupVPN Client Policy
If you want to export the Global VPN Client configuration settings to a file for users to import into their
Global VPN Clients, follow these instructions:
Alert!
The GroupVPN SA must be enabled on the SonicWALL to export a configuration file.
1. Click the Disk icon under Configure for the GroupVPN policy. The Export VPN Client Policy
window is displayed.
2. rcf format is required for SonicWALL Global Clients is selected by default. Files saved in the rcf
format can be password encrypted.
3. Click Yes. The VPN Policy Export window is displayed.
4. If you want to encrypt the exported file, type a password in the Password field, re-enter the password
in the Confirm Password field, and then click Submit.
5. If you do not want the exported file encrypted, click Submit. A message appears confirming your
choice. Click OK.
6. Select the locations to save the file and click Save.
7. Click Close.