SonicWALL Internet Security Appliances Network Router User Manual


 
Page 206 SonicWALL Internet Security Appliance Administrator’s Guide
IKE and Manual Key Configuration for Two SonicWALLs
VPN between two SonicWALLs allows users to securely access files and applications at remote
locations. The first step to set up a VPN between two SonicWALLs is creating corresponding Security
Associations (SAs). The instructions below describe how to create an SA using Manual Keying and
Internet Key Exchange (IKE). These instructions are followed by an example illustrating a VPN tunnel
between two SonicWALLs. Either Manual Key or IKE using Preshared Secret can be used to
configure a VPN tunnel between two SonicWALLs.
Manual Key for Two SonicWALLs
Click VPN on the left side of the SonicWALL browser window, and then click the Configure tab.
1. Select Manual Key from the IPSec Keying Mode menu.
2. Select -Add New SA- from the Security Association menu.
3. Enter a descriptive name for the Security Association, such as "Chicago Office" or "Remote
Management", in the Name field.
4. Enter the IP address of the remote VPN gateway in the IPSec Gateway Address field. This must
be a valid IP address and is the remote VPN gateway NAT Public Address if NAT is enabled. Enter
"0.0.0.0" if the remote VPN gateway has a dynamic IP address.
5. Define an SPI (Security Parameter Index) that the remote SonicWALL uses to identify the
Security Association in the Incoming SPI field.