SonicWALL TZ 190 Manuale Utente

Hub and Spoke Design - All SonicWALL VPN gateways are configured to connect to a 
central SonicWALL (hub), such as a corporate SonicWALL. The hub must have a static IP 
address, but the spokes can have dynamic IP addresses. If the spokes are dynamic, the 
hub must be a SonicWALL. 

Mesh Design - All sites connect to all other sites. All sites must have static IP addresses.

See “Planning Your VPN” on page 542 for a planning sheet to help you set up your VPN. 

You can easily create site-to-site VPN policies using the VPN Policy Wizard. For complete 
step-by-step instructions on using the VPN Policy Wizard, see Chapter 51 Configuring VPNs 
with the SonicWALL VPN Policy Wizard.

You can create or modify existing VPN policies using the VPN Policy window. Clicking the Add 
button under the VPN Policies table displays the VPN Policy window for configuring the 
following IPsec Keying mode VPN policies:

IKE using Preshared Key

Manual Key

IKE using 3rd Party Certificates

Use the VPN Planning Sheet for Site-to-Site VPN Policies to record your settings. These 
settings are necessary to configure the remote SonicWALL and create a successful VPN 
connection.

For configuring VPN policies between SonicWALL security appliances running SonicOS 
Enhanced and SonicWALL security appliances running SonicWALL Firmware version 6.5 
(or higher), see the technote: Creating IKE IPsec VPN Tunnels between SonicWALL 
Firmware 6.5 and SonicOS Enhanced, available at the SonicWALL documentation Web site

.