VPN > Settings
870
SonicOS 5.8.1 Administrator Guide
(DSL or cable) or dialup Internet access can securely and easily access your network resources
with the SonicWALL Global VPN Client and SonicWALL GroupVPN on your SonicWALL.
Remote office networks can securely connect to your network using site-to-site VPN
connections that enable network-to- network VPN connections.
Note For more information on the SonicWALL Global VPN Client, see the SonicWALL Global
VPN Client Administrator’s Guide.
SonicWALL’s GroupVPN provides automatic VPN policy provisioning for SonicWALL Global
VPN Clients. The GroupVPN feature on the SonicWALL security appliance and the SonicWALL
Global VPN Client dramatically streamline VPN deployment and management. Using
SonicWALL’s Client Policy Provisioning technology, you define the VPN policies for Global
VPN Client users. This policy information automatically downloads from the SonicWALL
security appliance (VPN Gateway) to Global VPN Clients, saving remote users the burden of
provisioning VPN connections.
You can easily and quickly create a site-to-site VPN policy or a GroupVPN policy using the VPN
Policy Wizard. You can also configure GroupVPN or site-to-site VPN tunnels using the
Management Interface. You can define up to four GroupVPN policies, one for each zone. You
can also create multiple site-to-site VPN. The maximum number of policies you can add
depends on your SonicWALL model.
Note Remote users must be explicitly granted access to network resources on the Users > Local
Users or Users > Local Groups pages. When configuring local users or local groups, the
VPN Access tab affects the ability of remote clients using GVC connecting to GroupVPN; it
also affects remote users using NetExtender, and SSL VPN Virtual Office bookmarks to
access network resources. This is new behavior in SonicOS 5.6 and above. To allow
GVC, NetExtender, or Virtual Office users to access a network resource, the network
address objects or groups must be added to the “allow” list on the VPN Access tab.
Planning Your VPN
Before creating or activating a VPN tunnel, gather the following information. You can print these
pages and to use as a planning checklist:
GroupVPN Policy Planning Checklist
On the SonicWALL security appliance:
• Authentication Method:
–
IKE using Preshared Secret
–
IKE using 3rd Party Certificates.
• Shared Secret if using preshared secret.
• Gateway Certificate if using 3rd part certificates. This is a certificate file you have
uploaded to your SonicWALL security appliance and plan to distribute to your VPN Clients.
• Peer ID Type if using 3rd party certificates: Choose
–
Distinguished Name
