SonicWALL Internet Security Appliances Benutzerhandbuch
SonicWALL VPN Page 193
Group VPN Configuration for the SonicWALL and VPN Client
Configuring Group VPN on the SonicWALL
Click VPN on the left side of the SonicWALL browser window, and then click Configure.
The SonicWALL VPN tab defaults to a Group VPN setting. This feature facilitates the set up and
deployment of multiple VPN clients by the administrator of the SonicWALL appliance. Security
settings can now be exported to the remote client and imported into the remote VPN client settings.
Group VPN allows for easy deployment of multiple VPN clients making it unnecessary to individually
configure remote VPN clients. Group VPN is only available for VPN clients and it is recommended to
use Authentication Service or XAUTH/RADIUS in conjunction with the Group VPN for added security.
To enable Group VPN, follow the instructions below:
1. Click VPN on the left side of the Management Station interface.
2. Click on Group VPN. The Security Association default setting is Group VPN.
3. Configure the Group VPN to use either IKE using Pre-shared Secrets or IKE using Certificates.
deployment of multiple VPN clients by the administrator of the SonicWALL appliance. Security
settings can now be exported to the remote client and imported into the remote VPN client settings.
Group VPN allows for easy deployment of multiple VPN clients making it unnecessary to individually
configure remote VPN clients. Group VPN is only available for VPN clients and it is recommended to
use Authentication Service or XAUTH/RADIUS in conjunction with the Group VPN for added security.
To enable Group VPN, follow the instructions below:
1. Click VPN on the left side of the Management Station interface.
2. Click on Group VPN. The Security Association default setting is Group VPN.
3. Configure the Group VPN to use either IKE using Pre-shared Secrets or IKE using Certificates.
To use certificates, an Authentication Service upgrade must be purchased.
4. Select Group 2 from the Phase 1 DH Group menu.
5. Enter the SA Life Time value in minutes. A value of 28800 seconds (8 hours) is recommended.
6. Select 3DES & SHA1 from the Phase 1 Encryption/Authentication menu.
7. Select Encrypt and Authenticate (ESP 3DES HMAC MD5) from the Phase 2 Encryption/
5. Enter the SA Life Time value in minutes. A value of 28800 seconds (8 hours) is recommended.
6. Select 3DES & SHA1 from the Phase 1 Encryption/Authentication menu.
7. Select Encrypt and Authenticate (ESP 3DES HMAC MD5) from the Phase 2 Encryption/
Authentication menu.