Manuals / SonicWALL / Household Appliance / Home Security System

SonicWALL manual 223

Models: 3

1 348
Download 348 pages 8.9 Kb
Page 242
Image 242

Site to Site VPN Configurations

11Click the Advanced tab. Select any optional configuration options you want to apply to your VPN policy in the Advanced Settings section.

ŠEnable Keep Alive - Select this setting if you want to maintain the current connection by listening for traffic on the network segment between the two connections. If multiple VPN tunnels are configured on the SonicWALL, select Try to bring up all possible tunnels to have the SonicWALL renegotiate the tunnels if they lose communication with the SonicWALL.

ŠRequire authentication of local users - requires all outbound VPN traffic from this SA is from an authenticated source.

ŠRequire authentication of remote users - requires all inbound VPN traffic for this SA is from an authenticated user. Select Remote users behind VPN gateway if remote users have a VPN tunnel that terminates on the VPN gateway. Select Remote VPN clients with XAUTH if remote users require authentication using XAUTH and are access the SonicWALL via a VPN clients.

ŠEnable Secure Wireless Bridging - enables a WiFiSec VPN policy between SonicWALL wireless gateways.

ŠEnable Windows Networking (NetBIOS) broadcast - to allow access to remote network resources by browsing the Windows® Network Neighborhood.

ŠApply NAT and Firewall Rules - This feature allows a remote site’s LAN subnet to be hidden from the corporate site, and is most useful when a remote office’s network traffic is initiated to the corporate office. The IPSec tunnel is located between the SonicWALL WAN interface and the LAN segment of the corporation. To protect the traffic, NAT

(Network Address Translation) is performed on the outbound packet before it is sent through the tunnel, and in turn, NAT is performed on inbound packets when they are

received. By using NAT for a VPN connection, computers on the remote LAN are viewed as one address (the SonicWALL public address) from the corporate LAN.

ŠForward Packets to Remote VPNs - allows the remote VPN tunnel to participate in the SonicWALL routing table. Inbound traffic is decrypted and can be forwarded to a remote site via another VPN tunnel. Normally, inbound traffic is decrypted and only forwarded to the SonicWALL LAN or a specific route on the LAN configured on the Routing page located in the Network section. Enabling this feature allows a network administrator to create a “hub and spoke” network configuration by forwarding inbound traffic to a remote site via a VPN security association. To create a “hub and spoke” network, select the Forward Packets to Remote

SONICWALL SONICOS STANDARD 3.0 ADMINISTRATORS GUIDE

223

Page 241 Page 243
Page 242
Image 242
SonicWALL manual 223
Page 241 Page 243