Sonicwall SONICOS 5.6 VPN Manual

Overview

Dynamic Route Based Virtual Private Network
Document Scope
This solutions document provides details about Route Based Virtual Private Network (VPN) Technology, its advantages, and procedures to configure a Dynamic Route Based VPN.
This document contains the following sections:
“Using Dynamic Route Based VPN”
“Configuring Routing Protocol for a Tunnel Interface”
This section provides an introduction to Route Based VPN. This section contains the following subsections:
“What is a Dynamic Route Based VPN?”
“Benefits”
“Platforms”

What is a Dynamic Route Based VPN?

In general, a Virtual Private Network (VPN) gives a company with distributed networks the same security it would have if all of those networks were in one place, with a single point of access to the private network, or intranet. Each location has a firewall that is configured to recognize all the other firewall locations. When a firewall sees a packet headed outward to another protected location, it encrypts the packet. After the packet travels across the Internet, the receiving firewall decrypts it.
A policy-based approach forces the VPN policy configuration to include the network topology configuration. This makes it difficult for the network administrator to configure and maintain the VPN policy with a constantly changing network topology.
With the Dynamic Route Based VPN approach, network topology configuration is removed from the VPN policy configuration. The VPN policy configuration creates a Tunnel Interface between two end points. Dynamic routes can then be added to the Tunnel Interface. The Dynamic Route Based VPN feature provides flexibility to efficiently manage the changes in your network.
SonicWALL Route Based VPN Feature Module

Benefits

Not only does Route Based VPN make configuring and maintaining the VPN policy easier, a major advantage of the Route Based VPN feature is that it provides flexibility on how traffic is routed. With this feature, users can now define multiple paths for overlapping networks over a clear or redundant VPN.

Platforms

The Route Based VPN feature is supported on SonicOS 5.6 Enhanced and higher.
Route Based VPN is a feature for SonicOS 5.5 Enhanced.

Using Dynamic Route Based VPN

Dynamic route based VPN configuration is a two-step process. The first step involves creating a Tunnel Interface. The crypto suites used to secure the traffic between two end-points are defined in the Tunnel Interface. The second step involves configuring the Routing Protocol for the Tunnel Interface.
This section contains the following subsections:
“Configuration Overview”
“Adding a Tunnel Interface”
“Configuring Routing Protocol for a Tunnel Interface”

Configuration Overview

The Tunnel Interface is created when a Policy of type “Tunnel Interface” is added for the remote gateway. The Tunnel Interface must be bound to a physical interface and the IP address of that physical interface is used as the source address of the tunneled packet.
For more details about a general tunnel interface configuration, please refer to the SonicOS Enhanced 5.4 Administrator’s Guide: http://www.sonicwall.com/

Using Route Based VPN

This section contains the following subsections:
“Configuring Static Route Based VPN”
“Configuration Overview”
“Adding a Tunnel Interface”
“Creating a Static Route for Tunnel Interface”
“Route Entries for Different Network Segments”
“Redundant Static Routes for a Network”
“Drop Tunnel Interface”
“Creating a Static Route for Drop Tunnel Interface”

Configuring Static Route Based VPN

Route based VPN configuration is a two-step process. The first step involves creating a Tunnel Interface. The crypto suites used to secure the traffic between two end-points are defined in the Tunnel Interface. The second step involves creating a static route using the Tunnel Interface.

Configuration Overview

The Tunnel Interface is created when a Policy of type “Tunnel Interface” is added for the remote gateway. The Tunnel Interface must be bound to a physical interface and the IP address of that physical interface is used as the source address of the tunneled packet.
A Static Route ties the traffic (source, destination, and service) to the Tunnel Interface. Any number of overlapping static routes can be added for the tunneled traffic. When networks are added or removed from the topology, the static routes only need to be updated accordingly; the tunnel interface configuration does not need to be updated.