Sonic OS 2.x Quick Start Guide
11.Select the Proposal tab.
12.For Exchange, select Aggressive Mode. Remember, the TZ170 receives a dynamic IP address from the ISP.
13.Select the rest of the Phase 1 and 2 proposal settings as required. Ensure that they match up with the settings you make on the TZ170.
14.We will not use any of the Advanced Setting for this example.
15.Click OK.
For the TZ170, we assume that it is also running the Enhanced software. Define the TZ170 SA as follows:
1.From the GUI, select the VPN option, and then click ADD.
2.For IPSec Keying Mode, select IKE using Preshared Secret.
3.For Name, enter an appropriate name for this VPN SA.
4.For the IPSec Primary Gateway, enter 208.48.32.2. This is the IP address assigned to the X1 WAN interface of the Pro4060.
5.For the IPSec Secondary Gateway, enter 0.0.0.0. The X2 WAN interface of the Pro 4060 receives a dynamic IP via PPPoE. If it was a static IP, you could enter its IP as the IPSec Secondary Gateway.
6.For Shared Secret, enter the same value as the Pro 4060 Shared Secret.
7.For the Local IKE ID, select Sonicwall Identifier and enter the serial number of the TZ170.
14
