User's Manual Part 4

Page 42 SonicWALL SonicOS Standard Administrator’s Guide
Tip!
Use the VPN worksheet at the beginning of this chapter to record your settings. These settings are
necessary to configure the remote SonicWALL and create a successful VPN connection.
3. In the Security Policy section, enter a name for the VPN Policy in the Name field.
4. Enter the IP address or gateway name of the REMOTE SonicWALL in the IPSec Gateway Name or
Address field.
5. In the Destination Networks section, select one of the following options:
Use this SA as the default route for all Internet traffic - select this option if all remote VPN connections
access the Internet through this SA. You can only configure one SA to use this option.
Specify destination networks below - configure the remote destination network for your SA. Click
Add to add the IP address and subnet mask. You can modify existing destination networks by clicking
Edit, and delete networks by selecting the network and clicking Delete.
6. Click on the Proposals tab.
7. In the IPSec SA section, define an Incoming SPI and an Outgoing SPI. The SPIs are hexadecimal
(0123456789abcdef) and can range from 3 to 8 characters in length. Or use the default values.
Alert!
Each Security Association must have unique SPIs; no two Security Associations can share the same
SPIs. However, each Security Association Incoming SPI can be the same as the Outgoing SPI.
8. ESP is selected by default from the Protocol menu. ESP is more secure than AH, but AH requires
less processing overhead.
9. 3DES is selected by default from the Phase 2 Encryption menu. Enter a 48-character hexadecimal
key if you are using 3DES encryption. Enter a 16-character hexadecimal key in the Encryption Key
field if you are using DES or ARCFour encryption. This encryption key must match the remote
SonicWALL's encryption key.
The default 48-character key is a unique key generated every time a VPN Policy is created.
10. SHA1 is selected by default from the Phase 2 Authentication menu. When a new Policy is created,
a 32-character key is automatically generated in the Authentication Key field. This key can be used
as a valid key. If this key is used, it must also be entered in the Authentication Key field in the remote
SonicWALL. If authentication is not used, this field is ignored.
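The following is an added example, not part of the SonicWALL guide or SonicOS: a worksheet check for the manual-key values from steps 7 through 10, run before the values are typed into both units. The dictionary field names and function names are hypothetical, and generating the authentication key as hexadecimal is an assumption (the guide only states its length).

```python
import re
import secrets

# Key lengths in characters, as stated in steps 9 and 10 of the guide.
ENC_KEY_LEN = {"3DES": 48, "DES": 16, "ARCFour": 16}
AUTH_KEY_LEN = 32
SPI_RE = re.compile(r"[0-9a-fA-F]{3,8}")   # step 7: 3 to 8 hex characters
HEX_RE = re.compile(r"[0-9a-fA-F]+")


def new_keys(encryption="3DES"):
    """Generate random key material of the documented lengths."""
    return {
        "encryption": encryption,
        "enc_key": secrets.token_hex(ENC_KEY_LEN[encryption] // 2),
        # Assumption: hex is acceptable for the authentication key.
        "auth_key": secrets.token_hex(AUTH_KEY_LEN // 2),
    }


def check_policy(policy, other_spis=()):
    """Return a list of problems found in one manual-key policy worksheet."""
    problems = []
    used = {s.lower() for s in other_spis}   # SPIs of other SAs on this unit
    for field in ("incoming_spi", "outgoing_spi"):
        spi = policy[field]
        if not SPI_RE.fullmatch(spi):
            problems.append(f"{field}: must be 3 to 8 hex characters")
        elif spi.lower() in used:
            problems.append(f"{field}: already used by another SA")
    want = ENC_KEY_LEN.get(policy["encryption"])
    key = policy["enc_key"]
    if want is None:
        problems.append("encryption: unknown algorithm")
    elif len(key) != want or not HEX_RE.fullmatch(key):
        problems.append(f"enc_key: need {want} hex characters")
    if len(policy["auth_key"]) != AUTH_KEY_LEN:
        problems.append(f"auth_key: need {AUTH_KEY_LEN} characters")
    return problems


def check_pair(local, remote):
    """Both units must carry the same algorithm and the same two keys."""
    return [f"{k}: local and remote differ"
            for k in ("encryption", "enc_key", "auth_key")
            if local[k].lower() != remote[k].lower()]
```

Pass the SPIs of the policies already defined on the same unit as other_spis so the uniqueness rule from the Alert is checked as well.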