Manual key for two sonicwalls – SonicWALL Internet Security Appliances User Manual

Page 206 SonicWALL Internet Security Appliance Administrator’s Guide

IKE and Manual Key Configuration for Two SonicWALLs

VPN between two SonicWALLs allows users to securely access files and applications at remote
locations. The first step to set up a VPN between two SonicWALLs is creating corresponding Security
Associations (SAs). The instructions below describe how to create an SA using Manual Keying and
Internet Key Exchange (IKE). These instructions are followed by an example illustrating a VPN tunnel
between two SonicWALLs. Either Manual Key or IKE using Preshared Secret can be used to
configure a VPN tunnel between two SonicWALLs.

Manual Key for Two SonicWALLs

Click VPN on the left side of the SonicWALL browser window, and then click the Configure tab.
1. Select Manual Key from the IPSec Keying Mode menu.

2. Select -Add New SA- from the Security Association menu.

3. Enter a descriptive name for the Security Association, such as "Chicago Office" or "Remote

Management", in the Name field.

4. Enter the IP address of the remote VPN gateway in the IPSec Gateway Address field. This must

be a valid IP address and is the remote VPN gateway NAT Public Address if NAT is enabled. Enter
"0.0.0.0" if the remote VPN gateway has a dynamic IP address.

5. Define an SPI (Security Parameter Index) that the remote SonicWALL uses to identify the

Security Association in the Incoming SPI field.