Manualshelf

User's Manual Part 4

ManualsBrandsSonicwall ManualsElectronicsTA 170
11121314151617181920
Page 38 SonicWALL SonicOS Standard Administrator’s Guide
Select an encryption method from the Encryption list for the VPN tunnel. If network speed is
preferred, then select DES. If network security is preferred, select 3DES. To compromise between
network speed and network security, select DES.
Select an authentication method from the Authentication list. SHA1 is preferred for network security.
Leave the default value of 28800 (8 hours) as the Life Time (seconds) for the VPN Policy.
Click Next.
8. ESP is selected by default from the Protocol menu. ESP is more secure than AH, but AH requires
less processing overhead.
3DES is selected by default from the Encryption menu. Enter a 48-character hexadecimal key if you
are using 3DES encryption.Enter a 16-character hexadecimal key in the Encryption Key field if you
are using DES or ARCFour encryption. This encryption key must match the remote SonicWALL's
encryption key.
The default 48-character key is a unique key generated every time a VPN Policy is created.
AH is selected by default from the Authentication Key field. When a new SA is created, a 32-
character key is automatically generated in the Authentication Key field. This key can be used as a
valid key. If this key is used, it must also be entered in the Authentication Key field in the remote
SonicWALL. If authentication is not used, this field is ignored.
Click Next.
9. To enable the VPN policy immediately, click Apply. If you prefer to disable the policy initially, select
Create this Policy Disabled, and then click Apply.
Creating VPN Policies Using the VPN Policy Window
You can create or modify existing VPN policies using the VPN Policy window. Clicking the Add button
under the VPN Policies table displays the VPN Policy window for configuring the following IPSec Keying
mode VPN policies:
IKE using Preshared Key
Manual Key
IKE using 3rd Party Certificates
Tip!
You can create these policies using the VPN Policy Wizard.
Configuring a VPN Policy using IKE with Preshared Secret
To manually configure a VPN Policy using IKE with Preshared Secret, follow the steps below: