SonicWALL none User Manual
Page 12 SonicWALL Global VPN Client 4.0 Administrator’s Guide
8.
Select Start program automatically when users log in to automatically launch the VPN Global
Client when you log onto the computer, if desired.
Client when you log onto the computer, if desired.
9.
Select Launch program now to automatically launch the Global VPN Client after finishing the
installation, if desired.
installation, if desired.
10. Click Finish.
Adding VPN Connection Policies
Adding a new VPN connection policy is easy because SonicWALL’s Client Policy Provisioning
automatically provides all the necessary configuration information to make a secure connection to the
local or remote network. The burden of configuring the VPN connection parameters is removed from the
Global VPN Client user. VPN connection policies can be created using three methods:
automatically provides all the necessary configuration information to make a secure connection to the
local or remote network. The burden of configuring the VPN connection parameters is removed from the
Global VPN Client user. VPN connection policies can be created using three methods:
•
Download the VPN policy from the SonicWALL VPN Gateway to the Global VPN Client
using the New Connection Wizard. This wizard walks you through the process of locating the source
of your configuration information and automatically downloads the VPN
configuration information over a secure IPSec VPN tunnel.
using the New Connection Wizard. This wizard walks you through the process of locating the source
of your configuration information and automatically downloads the VPN
configuration information over a secure IPSec VPN tunnel.
•
Import a VPN policy file into the SonicWALL Global VPN Client. The VPN policy is sent to you as a
file, which you install using the Import Connection dialog box.
file, which you install using the Import Connection dialog box.
•
Install the default.rcf file as part of the Global VPN Client software installation or add it after installing
the Global VPN Client. If the SonicWALL VPN Gateway administrator included the default.rcf file as
part of the Global VPN Client software, when the program is installed, one or more preconfigured VPN
connections are automatically created.
the Global VPN Client. If the SonicWALL VPN Gateway administrator included the default.rcf file as
part of the Global VPN Client software, when the program is installed, one or more preconfigured VPN
connections are automatically created.
Note! Creating a Default.rcf file and distributing it with the Global VPN Client software allows the
SonicWALL VPN Gateway administrator to streamline VPN client deployment and allow users to quickly
establish VPN connections. When the Global VPN Client software is installed, the VPN policy created by
the SonicWALL VPN Gateway administrator is automatically created. For more information on creating
the Default.rcf file, see “Appendix A - Creating and Deploying the Default.rcf File for Global VPN Clients”
on page 40.
SonicWALL VPN Gateway administrator to streamline VPN client deployment and allow users to quickly
establish VPN connections. When the Global VPN Client software is installed, the VPN policy created by
the SonicWALL VPN Gateway administrator is automatically created. For more information on creating
the Default.rcf file, see “Appendix A - Creating and Deploying the Default.rcf File for Global VPN Clients”
on page 40.
Alert! Your SonicWALL must be configured with GroupVPN to facilitate the automatic provisioning of
Global VPN Clients. For instructions on configuring your SonicWALL with GroupVPN, see your
SonicWALL Administrator’s Guide.
Global VPN Clients. For instructions on configuring your SonicWALL with GroupVPN, see your
SonicWALL Administrator’s Guide.
Understanding VPN Connection Policies
The Global VPN Client allows multiple connection policies to be configured at the same time, whether they
are provisioned from multiple gateways or imported from one or more files. Because connection policies
may be provisioned from multiple gateways, each connection policy explicitly states allowed behavior in
the presence of any connection policy conflicts. You may have VPN connections that don’t allow other
VPN connections or Internet and network connections while the VPN policy is enabled.
are provisioned from multiple gateways or imported from one or more files. Because connection policies
may be provisioned from multiple gateways, each connection policy explicitly states allowed behavior in
the presence of any connection policy conflicts. You may have VPN connections that don’t allow other
VPN connections or Internet and network connections while the VPN policy is enabled.
The VPN connection policy includes all the parameters necessary to establish secure IPSec tunnels to
the gateway. A connection policy includes Phase 1 and Phase 2 Security Associations (SA) parameters
including:
the gateway. A connection policy includes Phase 1 and Phase 2 Security Associations (SA) parameters
including:
•
Encryption and authentication proposals
•
Phase 1 identity payload type
•
Phase 2 proxy IDs (traffic selectors)
•
Client Phase 1 credential
•
Allowed behavior of connection in presence of other active connections
•
Client caching behavior