A site-to-site VPN is used in instances where there are remote offices and you'd like to consolidate your network into one intranet instead of multiple. It can help mitigate external threats and encrypt data across networks in a uniform fashion.

To set this up properly between two firewalls, you will want one firewall to act as the master and one as the initiator. This configuration will work if you have a main intranet or are configuring tunnels between two branch offices.

On the device you are considering as the "Master", log in to the configuration page and head to VPN and then Settings.

Ensure that Enable VPN is turned on and change the Unique Firewall Identifier (UFI) to something that you can identify internally. Make sure to write down the UFI that you named above, as you will use it in the coming steps.

While logged into the VPN page, click Add under VPN Policies. For a site-to-site configuration, make sure you fill it out as follows:

- Authentication method: IKE using pre-shared secret
- Name: This will be your chosen name of the OTHER firewall (not the master).
- Primary and Secondary Gateways: 0.0.0.0 (Remember, this device is being configured as the "Master", so it will only listen and be passed the gateway info from the initiator.)
- Shared Secret: Generate a secure password that meets modern password requirements.
- Local IKE ID: Select the UFI that you created for THIS SonicWall's name.
- Peer IKE ID: Select the initiator's UFI that you created.

Select the Network tab and under Choose local networks from the list, select LAN Subnets. Under Remote Networks, select Create New Address Object and fill in the info for the LAN at the other end of the VPN.

Click on Proposals and configure it as follows:

The only thing checked should be Enable Phase2 Dead Peer Detection, and it should be filled out with these settings:

- Dead Peer Detection Interval (seconds): 180
- Failure Trigger Level (missed heartbeats): 3

If you've followed this far and not fallen into some archaic error or sheer boredom, then AWESOME! You have officially set things up on one firewall.

Next step is the other one with a few differences. So you're going to want to set up the other SonicWall just like the steps above but with these differences:
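An added example, not part of the original post: a mismatch between the two ends is a common reason a tunnel never comes up, so this Python check compares the two policies before they are entered into the firewalls. The record layout, field names and sample values are hypothetical and constructed; the requirement that the initiator carries a real gateway address is an assumption drawn from the post's note that the master only listens.

```python
import hmac
import ipaddress

LISTEN_ONLY = "0.0.0.0"   # gateway value the post gives for the master
DPD_EXPECTED = (180, 3)   # interval in seconds, missed heartbeats (from the post)

def nets(values):
    # Normalise so "10.20.0.0/24" and "10.20.0.0/255.255.255.0" compare equal.
    return {ipaddress.ip_network(v) for v in values}

def check_pair(master, initiator):
    """Return a list of mismatches between the two policy records."""
    problems = []
    # Each side's Local IKE ID must be the other side's Peer IKE ID.
    if master["local_ike_id"] != initiator["peer_ike_id"]:
        problems.append("master Local IKE ID != initiator Peer IKE ID")
    if initiator["local_ike_id"] != master["peer_ike_id"]:
        problems.append("initiator Local IKE ID != master Peer IKE ID")
    # The pre-shared secret must be identical (constant-time comparison).
    if not hmac.compare_digest(master["shared_secret"].encode(),
                               initiator["shared_secret"].encode()):
        problems.append("shared secrets differ")
    # Local networks on one end are the remote networks on the other.
    if nets(master["local_networks"]) != nets(initiator["remote_networks"]):
        problems.append("master local networks != initiator remote networks")
    if nets(initiator["local_networks"]) != nets(master["remote_networks"]):
        problems.append("initiator local networks != master remote networks")
    if master["gateway"] != LISTEN_ONLY:
        problems.append("master gateway should be 0.0.0.0")
    # Assumption: the initiator points at the master's real address.
    if initiator["gateway"] == LISTEN_ONLY:
        problems.append("initiator gateway is 0.0.0.0; nobody starts the tunnel")
    if (master["dpd_interval"], master["dpd_misses"]) != DPD_EXPECTED:
        problems.append("master DPD settings differ from 180 s / 3")
    return problems

# Constructed sample records (hypothetical names, documentation addresses).
MASTER = {"local_ike_id": "HQ-FW", "peer_ike_id": "BRANCH-FW",
          "shared_secret": "constructed-example-secret", "gateway": "0.0.0.0",
          "local_networks": ["10.10.0.0/16"], "remote_networks": ["10.20.0.0/24"],
          "dpd_interval": 180, "dpd_misses": 3}
INITIATOR = {"local_ike_id": "BRANCH-FW", "peer_ike_id": "HQ-FW",
             "shared_secret": "constructed-example-secret", "gateway": "203.0.113.10",
             "local_networks": ["10.20.0.0/24"], "remote_networks": ["10.10.0.0/16"]}

if __name__ == "__main__":
    for line in check_pair(MASTER, INITIATOR) or ["policies are consistent"]:
        print(line)
```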