Справочник Пользователя для SonicWALL 5.8.1

In this example, a site-to-site VPN is configured between two TZ 200 appliance, with the 
following settings:

Local TZ 200 (home):

 

WAN IP: 10.50.31.150

 

LAN subnet: 192.168.61.0 

 

Mask 255.255.255.0

 

 

Remote TZ 200 (office):

 

WAN IP: 10.50.31.104

 

LAN subnet: 192.168.15.0

 

Mask: 255.255.255.0

 

 

Authentication Method: IKE using a Pre-Shared Key

 

Phase 1 Exchange: Main Mode

 

Phase 1 Encryption: 3DES

 

Phase 1 Authentication SHA1

 

Phase 1 DH group: 2

 

Phase 1 Lifetime: 28800

 

Phase 2 Protocol: ESP

 

Phase 2 Encryption: 3DES

 

Phase 2 Authentication: SHA1

 

Phase 2 Lifetime: 28800

 

No PFS

In configure mode, create an address object for the remote network, specifying the name, 
zone assignment, type, and address. In this example, we use the name OfficeLAN:

(config[TZ200]> address-object Office LAN

 

(config-address-object[OfficeLAN])>

The prompt has changed to indicate the configuration mode for the address object.

(config-address-object[OfficeLAN])> zone VPN

 

(config-address-object[OfficeLAN])> network 192.168.15.0 

255.255.255.0

 

(config-address-object[OfficeLAN])> finished

To display the address object, type the command 

:

TZ200 > show address-object OfficeLAN

The output will be similar to the following:

address-object OfficeLAN

 

network 192.168.15.0 255.255.255.0

 

zone VPN

To create the VPN policy, type the command vpn policy [name] [authentication method]:

(config[TZ200])> vpn policy OfficeVPN pre-shared

 

(config-vpn[OfficeVPN])>

The prompt has changed to indicate the configuration mode for the VPN policy. All the 
settings regarding this VPN will be entered here.