VPN > Advanced

C37H A P T E R

Configuring Advanced VPN

Settings

VPN > Advanced

The VPN > Advanced page includes optional settings that affect all VPN policies.

Advanced VPN Settings

Disable all VPN Windows Networking (NetBIOS) Broadcasts - Computers running Microsoft Windows® communicate with one another through NetBIOS broadcast packets. Disable this set- ting access remote network resources by browsing the Windows®

Network Neighborhood.

Enable Fragmented Packet Handling - if the VPN log report shows the log message “Frag- mented IPSec packet dropped”, select this feature. Do not select it until the VPN tunnel is estab- lished and in operation. When you select this setting, the Ignore DF (Don’t Fragment) Bit setting becomes active.

Enable NAT Traversal - Select this setting is a NAT device is located between your VPN end- points. IPSec VPNs protect traffic exchanged between authenticated endpoints, but authenticated endpoints cannot be dynamically re-mapped mid-session for NAT traversal to work. Therefore, to preserve a dynamic NAT binding for the life of an IPSec session, a 1-byte UDP is designated as a

SONICWALL SONICOS STANDARD 3.0 ADMINISTRATORS GUIDE

229

Page 248
Image 248
SonicWALL 3 manual Configuring Advanced VPN Settings, VPN Advanced, 229