LANGUAGE SUMMARY SonicWALL with ZyWALL VPN Tunneling
ARTICLE ID 004070 TYPE General Info
LEVEL Public FIRMWARE 3.64;4.00;3.65;4.01;4.02
VIEWS 7031 VOTES 4
TECHNOLOGY MODEL ZyWALL 5,ZyWALL 5 UTM,ZyWALL 35 (view more model name)

QUESTION

SonicWALL with ZyWALL VPN Tunneling


ANSWER

This page guides us to setup a VPN connection between the ZyWALL and SonicWALL router.

 

As the figure shown below, the tunnel between PC1 and PC2 ensures the packet flows between them are secure. Because the packets go through the IPSec tunnel are encrypted. To setup this VPN tunnel, the required settings for ZyWALL and SonicWALL are explained in the following sections. As the red pipe shown in the following figure, the tunneling endpoints are ZyWALL router and SonicWALL router.

 

 

 

The IP addresses we use in this example areas shown below.

 

 

 

 

 

錨點錨點1. Setup ZyWALL VPN

 

Step 1: Using a web browser, login ZyWALL by giving the LAN IP address of ZyWALL in URL field. Default LAN IP is 192.168.1.1; default password to login web configuration is 1234.

 

Step 2: Go to SECURITY->VPN->Press Add button

 

 

 

 

 

Step 3: Give a name for your policy, for example ToSonicWALL

 

Step 4: My IP Add is the WAN IP of ZyWALL. In this example, you should type 172.22.3.89 IP address on My ZyWALL text box.

 

Step 5: Secure Gateway IP Add is the SonicWALL's WAN IP address. In this example, you should type 172.22.1.251 IP address on Remote Gateway text box.

 

 

 

 

 

Step 6: In Authentication Key, enter the key string 12345678 in the Pre-Shared Key text box.

 

 

 

 

Step 7: Select Negotiation Mode to Main modeEncryption Algorithm to DESAuthentication Algorithm to MD5, Key Group to DH1, and then press Apply button on this page.

 

 

 

 

Step 8: You will see an IKE rule on your VPN page, press L/R button to edit your IPSec rule.

 

 

 

 

 

Step 9: Check Active check box and give a name to this policy.

 

 

 

 

Step 10: On Gateway Policy Information, you should choose ToSonicWALL IKE policy for your IPSec rule.

 

 

 

 

Step 11: On Local Network, choose Subnet Address for your Address Type.

Starting IP Address and Ending IP Address/Subnet are your local site LAN IP addresses. In this example, you should type 192.168.1.0 on Starting IP Address field and then type 255.255.255.0 on Ending IP Address/Subnet field.

 

 

 

 

Step 12: On Remote Network, choose Subnet Address for your Address Type.

Starting IP Address and Ending IP Address/Subnet are your remote site LAN IP addresses. In this example, you should type 192.168.168.0 on Starting IP Address field and then type 255.255.255.0 on Ending IP Address/Subnet field.

 

 

 

 

Step 13: On IPSec Proposal, select Encapsulation Mode to Tunnel, Active Protocol to ESP, Encryption Algorithm to DES and Authentication Algorithm to SHA1, and then press Apply button on this page.

 

 

 

 

Step 14: When you finished doing your settings, you will see the following page.

 

 

 

 

 

錨點2. Setup SonicWALLVPN (We choose SonicWALL TZ150 device in this example.)

 

 

Step 1: Using a web browser, login SonicWALL by giving the LAN IP address of SonicWALL in URL field.

 

Step 2: Go to VPN page, check Enable VPN check box, and then press Add button, it will bring up a page which you could do your VPN settings.

(Note: You could use VPN Policy Wizard to set up your VPN rules as well.)

 

 

 

 

 

Step 3: Click General tab, on Security Policy settings, give a name to this policy. In this example, type ToZyWALL on Name text box. IPSec Primary Gateway Name or Address is the ZyWALL'sWAN IP Address (remote gateway IP address). In this example, you should type 172.22.3.89 on IPSec Primary Gateway Name or Address text box. Then, enter the key string 12345678 on Shared Secret text box.

 

 

 

 

 

Step 4: On Destination Networks, select Specify destination networks below option, and then press Add button.

 

 

 

 

Step 5: Network IP Address and Subnet Mask are your remote site LAN IP addresses. In this example, you should type 192.168.1.0 on Network text box and then type 255.255.255.0 on Subnet Mask text box, and then press OK button.

 

 

 

 

Step 6: Click Proposals tab, on IKE (Phase1) proposal settings, select Main modeDH Group to Group1, Encryption to DES and Authentication to MD5. On IPSec (Phase2) proposal settings, select ESP ProtocolEncryption to DES and Authentication to SHA1. Then, press OK button on this page.

 

 

 

 

Step 7: When you finished doing your settings, you will see the following page.

 

 

 

 

Step 8: When your VPN tunnel is up, you will see the following page.

 


SCENARIO DESCRIPTION:


SETUP/STEP BY STEP PROCEDURE:


VERIFICATION:

  


PROBLEM DESCRIPTION:


SOLUTION:


CONDITION/REPRODUCE PROCEDURE:

Did you find this article helpful? Yes No

Need technical support:http://www.zyxel.com/form/Support_Feedback.shtml