User Guide

ManualsBrandsSonicWALL ManualsOtherINTERNET SECURITY APPLIANCE

131

132

133

134

135

136

137

138

139

140

Page 130 SonicWALL Internet Security Appliance User’s Guide

6. Define an Incoming SPI and an Outgoing SPI. The SPIs are hexadecimal

(0123456789abcedf) and can range from 3 to 8 characters in length.

Note: SPIs should range from 3 to 8 characters in length and include only hexadecimal

characters. Valid hexadecimal characters are “0” to “9”, and “a” to “f” inclusive (0, 1,

2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f). If you enter an invalid SPI, an error message is

be displayed at the bottom of the browser window. An example of a valid SPI is

1234abcd

Note: Each Security Association must have unique SPIs; no two Security Associations

can share the same SPIs. However, each Security Association Incoming SPI can be the

same as the Outgoing SPI

7. Select Encrypt and Authenticate (ESP DES HMAC MD5) from the Encryption

Method menu.

8. Enter a 16 character hexadecimal encryption key in the Encryption Key field or use

the default value. This encryption key is used to configure the remote SonicWALL

client's encryption key, therefore, write it down to use while configuring the client.

9. Enter a 32 character hexadecimal authentication key in the Authentication Key field

or use the default value. Write down the key to use while configuring the client

settings.

Note: Valid hexadecimal characters include 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a,b, c, d, e, and

f. 1234567890abcdef is an example of a valid DES or ARCFour encryption key. If you

enter an incorrect encryption key, an error message is displayed at the bottom of the

browser window

10. Click Add New Network... to enter the destination network addresses. Clicking Add

New Network... automatically updates the VPN configuration and opens the VPN

Destination Network window.

11. Enter "0.0.0.0" in the Range Start, Range End, and Destination Subnet Mask for

NetBIOS broadcast fields.

12. Click Advanced Settings and select the boxes that apply to your SA:

• Enable Windows Networking (NetBIOS) broadcast - if remote clients use

Windows Network Neighborhood to browse remote networks.

• Apply NAT and firewall rules - to apply NAT and firewall rules to the SA or just

firewall rules if in Standard mode.

• Route all Internet traffic through this SA - route all Internet bound traffic

through this Security Association.

13. Click Update to add the remote network and close the VPN Destination Network

window. Once the SonicWALL has been updated, a message confirming the update is

displayed at the bottom of the browser window.

integrated_manual.book Page 130 Friday, October 12, 2001 2:56 PM