Справочник Пользователя для SonicWALL 5.8.1

Configure the Pre-Shared Key. In this example, the Pre-Shared Key is sonicwall:

(config-vpn[OfficeVPN])> pre-shared-secret sonicwall

Configure the IPSec gateway:

(config-vpn[OfficeVPN])> gw ip-address 10.50.31.104

Define the local and the remote networks:

(config-vpn[OfficeVPN])> network local address-object "LAN Primary 

Subnet"

 

(config-vpn[OfficeVPN])> network remote address-object "OfficeLAN"

Configure the IKE and IPSec proposals:

(config-vpn[OfficeVPN])> proposal ike main encr triple-des auth sha1 

dh 2 lifetime 28800

 

(config-vpn[OfficeVPN])> proposal ipsec esp encr triple-des auth 

sha1 dh no lifetime 28800

In the Advanced tab in the UI configuration, enable keepalive on the VPN policy:

(config-vpn[OfficeVPN])> advanced keepalive

To enable the VPN policy, use the command vpn enable “name” :

(config[TZ200])> vpn enable "OfficeVPN"

Use the finished command to save the VPN policy and exit from the VPN configure mode:

(config-vpn[OfficeVPN])> finished

 

(config[TZ200])>

The configuration is complete.

 The command prompt goes back to the configure mode prompt.

Use the following steps to configure the VPN policies.

To view a list of all the configured VPN policies, type the command show vpn policy. The 
output will be similar to the following:

(config[TZ200])> show vpn policy

Policy: WAN GroupVPN (Disabled)

 

Key Mode: Pre-shared

 

Pre Shared Secret: DE65AD2228EED75A

Proposals:

 

IKE: Aggressive Mode, 3DES SHA, DH Group 2, 28800 seconds

 

IPSEC: ESP, 3DES SHA, No PFS, 28800 seconds

Advanced:

 

Allow NetBIOS OFF, Allow Multicast OFF

 

Management: HTTP OFF, HTTPS OFF

 

Lan Default GW: 0.0.0.0

 

Require XAUTH: ON, User Group: Trusted Users

Client:

 

Cache XAUTH Settings: Never

 

Virtual Adapter Settings: None

 

Allow Connections To: Split Tunnels