Menu
▾
▴
Re: [IPCop-user] IPCop to Sonicwall VPN
|
From: Kyle H. <Ky...@nr...> - 2007-04-11 21:30:44
|
> This is something I've tried to do with no success. Could you give a > how-to along with settings on both the IPCop and Sonicwall. Here are the settings I have to a TZ170 (I've had VPNs up to other models = of SonicWall in the past, but they've all been replaced. I don't think the = settings were any different.) Everything in square brackets below = shouldn't be taken literally (which you probably could figure out). I also = make no claims that this is the only configuration that can work, but once = I got it working I quit futzing with it. IPCop configuration =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Main screen ------------ IPCop side: Left Remote host IP: [sonicwall.public.ip.address] Local subnet: 192.168.[ipcop-local-net].0/255.255.255.0 Remote subnet: 192.168.[sonicwall-local-net].0/255.255.255.0 Dead Peer Detection: restart PFS: no Advanced screen --------------- Compression: (unchecked) IKE Encryption: AES (128) and 3DES (note: you can select multiples by = holding down the <ctrl> key while clicking) IKE lifetime: 1 hour IKE Integrity: SHA and MD5 IKE Grouptype: MODP-1536 and MODP-1024 ESP Encryption: AES (128) and 3DES ESP Keylife: 8 hours ESP Grouptype: SHA1 and MD5 Use only proposed settings: (unchecked) SonicWall Configuration: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D General ------- IPSEC Keying Mode: IKE using Preshared Secret Name: [whatever you want to call it] IPSEC Primary Gateway Name or Address: [ipcop.public.ip.address] IPSEC Secondary Gateway Name or Address: 0.0.0.0 Destination networks: 192.168.[ipcop-local-net].0 Proposals --------- Phase 1: Exchange: Main Mode DH Group: Group 2 Encryption: 3DES Authentication: SHA1 Life time (seconds): 28800 Phase 2: Protocol: ESP Encryption: 3DES Authentication: SHA1 Enable Perfect Forward Secrecy: (unchecked) Life time (seconds): 28800 Advanced -------- [All are unchecked] VPN Terminated at: LAN |
