HELP
TABLE OF CONTENTS

VPN>Summary

The Summary page has four sections: Global VPN Settings, VPN Bandwidth Management, VPN Policies, and Currently Active VPN Tunnels.

Global VPN Settings

The Global VPN Settings section displays the following information:

Unique Firewall Identifier - the default value is the serial number of the SonicWALL appliance. You can change the Identifier, and use it for configuring VPN tunnels.
Enable VPN - must be selected to allow VPN security associations.
Disable all VPN Windows Networking (NetBIOS) broadcast - disables NetBIOS broadcasts for every Security Association configuration.
Enable Fragmented Packet Handling - if the VPN log report shows the log message "Fragmented IPSec packet dropped", select this feature. Do not select it until the VPN tunnel is established and in operation.
Enable NAT Traversal - select if a NAT device is located between your VPN endpoints. More information on SonicWALL NAT Traversal Support.
Keep Alive Interval (seconds) - the default value is 240 seconds (4 minutes). If Enable Keep Alive is selected on the Advanced Settings window, this is the interval of time between “heartbeats.”
Enable IKE Dead Peer Detection - select if you want inactive VPN tunnels to be dropped by the SonicWALL. Enter the number of seconds between “heartbeats” in the Dead Peer Detection Interval (seconds) field. The default value is 60 seconds. Enter the number of missed heartbeats in the Failure Trigger Level (missed heartbeats) field. The default value is 3. If the trigger level is reached, the VPN connection is dropped by the SonicWALL. The SonicWALL uses a UDP packet protected by Phase 1 Encryption as the heartbeat.
Clean up Active tunnels when Peer Gateway DNS name resolves to a different IP address - the SonicWALL automatically updates active VPN policies with the new IP addresses.

VPN User Authentication Settings

Allow these services to bypass user authentication on SAs - this feature allows VPN users without authentication to access the specified services. To add a services, select the service from the menu and click Add. The service is added to the Allow these services to bypass user authentication on SAs list. To remove a service, select the service in the Allow these services to bypass user authentication on VPN SAs list and click Remove.
Allow these address ranges to bypass user authentication on SAs - this feature allows the specified IP address or IP address range to bypass user authentication on VPN connections. To add an IP address, enter the single IP address in the first field, then click Add. To add an IP address range, enter the range starting IP address in the first field and the ending IP address in the second field (up to the last three numbers of the IP address, then click Add.

VPN Bandwidth Management

You can allocate bandwidth to all outbound VPN traffic. To enable VPN Bandwidth Management, select Enable VPN Bandwidth Management, and enter the amount of bandwidth in Kbps for VPN guaranteed bandwidth and VPN maximum bandwidth. Select VPN bandwidth priority from the VPN bandwidth priority menu, 0 (highest) to 7 (lowest).

Alert! Bandwidth management is available only on outbound VPN traffic. You cannot configure individual Security Associations to use bandwidth management.

VPN Policies

This section displays all of the VPN configurations in the SonicWALL appliance. If you click the name of the security association, the security association settings are displayed in the Configure page. The GroupVPN security association (SA) is the default VPN policy. You can add additional VPN policies. You can disable the GroupVPN policy but you cannot delete the GroupVPN SA from the VPN Policies table.

Clicking the Notepad icon displays the Configure page to edit the VPN policy.

Clicking the Trashcan icon deletes the VPN policy.

Currently Active VPN Tunnels

A list of currently active VPN tunnels is displayed in this section. The table lists the Name of the SA, the Local LAN IP addresses, the Remote destination network IP addresses, and the peer Gateway IP address.

Help Table of Contents