User's Manual Part 4
VPN Page 43
11. Click on the Advanced tab. Select the optional configuration settings you want to apply to your VPN
policy from the Advanced Settings section.
• Require authentication of local users - requires all outbound VPN traffic from this SA is from an
authenticated source.
• Require authentication of remote users - requires all inbound VPN traffic for this SA is from an au-
thenticated user.
• Enable Windows Networking (NetBIOS) broadcast - to allow access to remote network resources
by browsing the Windows
®
Network Neighborhood.
• Apply NAT and Firewall Rules - This feature allows a remote site’s LAN subnet to be hidden from
the corporate site, and is most useful when a remote office’s network traffic is initiated to the corporate
office. The IPSec tunnel is located between the SonicWALL WAN interface and the LAN segment of
the corporation. To protect the traffic, NAT (Network Address Translation) is performed on the out-
bound packet before it is sent through the tunnel, and in turn, NAT is performed on inbound packets
when they are received. By using NAT for a VPN connection, computers on the remote LAN are
viewed as one address (the SonicWALL public address) from the corporate LAN.
• Forward Packets to Remote VPNs - allows the remote VPN tunnel to participate in the SonicWALL
routing table. Inbound traffic is decrypted and can be forwarded to a remote site via another VPN tun-
nel. Normally, inbound traffic is decrypted and only forwarded to the SonicWALL LAN or a specific
route on the LAN configured on the Routing page located in the Network section. Enabling this fea-
ture allows a network administrator to create a “hub and spoke” network configuration by forwarding
inbound traffic to a remote site via a VPN security association. To create a “hub and spoke” network,
select the Forward Packets to Remote VPNs check box.Traffic can travel from a branch office to a
branch office via the corporate office.