Configure tab, Add/modify ipsec security associations – SonicWALL Internet Security Appliances User Manual

SonicWALL VPN Page 181

Configure Tab

Add/Modify IPSec Security Associations

The Configure tab settings change depending on the Security Association (SA) and IPSec Keying
options you choose in the Add/Modify IPSec Security Associations. You can choose either Group
VPN (default) or Add New SA from the Security Association list. If you select Add New SA, a Name
field is displayed that allows you to create a name for the SA, such as Boston Office, Corporate Site,
etc. Select the type of security policy for the SA from the IPSec Keying Mode menu. You can select
IKE using Preshared Secret, Manual Key, or IKE using Certificates.
The IPSec Gateway Address field is used to configure the gateway for the security association.

Disabling Security Associations

You can choose to disable certain security associations and still allow access by remote VPN clients.
The feature is useful if it is suspected that a remote VPN user connection has become unstable or
insecure. It can also temporarily block access to the SonicWALL appliance if necessary. Disable the
Security Association by checking the Disable this SA check box. Click Update to enable the change
to take place.