Prestige
to SonicWALL
Tunneling
- Setup Prestige
- Setup SonicWALL
Note: Not all ZyXEL Prestige provide
VPN functionality. Please check the User's Manual from the packaged
CD-ROM.
This page guides us to setup a VPN connection between Prestige and SonicWALL. As the
figure shown below, the tunnel between PC 1 and PC 2 ensures the packets flow between them
are secure. To setup this VPN tunnel, the required settings for Prestige and SonicWALL are
explained in the following sections.
The IP addresses we use in this example are as shown below.
PC 1 |
Prestige |
Sonicwall |
PC 2 |
192.168.1.33 |
LAN: 192.168.1.1
WAN: 202.132.154.1 |
LAN: 192.168.181.1
WAN: 168.10.10.66 |
192.168.181.10 |
Note: The following configurations are
supposed both two VPN gateways have fixed IP addresses. If one of VPN gateways uses
dynamic IP, we enter 0.0.0.0 as the secure gateway IP address. In this
case, the VPN connection can only be initiated from dynamic side to fixed side to update
its dynamic IP to the fixed side. From this connection, the source IP is obtained and then
update to the previous 0.0.0.0 field. However, if both gateways use dynamic IP addresses,
it is no way to establish VPN connection at all.
1. Setup
Prestige
- Login Prestige by giving the LAN IP address of Prestige in URL field. Default LAN IP is 192.168.1.1,
default password to login web configurator is 1234.
- Click Advanced, and click VPN tab on the left.
- On the SUMMARY menu, Select a policy to edit by clicking Edit.
- On the CONFIGURE-IKE menu, check Active check box and
give a name to this policy.
- Select IPSec Keying Mode to IKE and Negotiation
Mode to Main, as we configured in Sonicwall.
- Source IP Address Start and Source IP Address End are PC
1 IP in this example. (the secure host behind Prestige)
- Destination IP Address Start and Destination IP Address End
are PC 2 IP in this example. (the secure remote host)
- My IP Addr is the WAN IP of Prestige.
- Secure Gateway IP Addr is the remote secure gateway IP, that is
Sonicwall WAN IP in this example.
- Select Encapsulation Mode to Tunnel.
- Check the ESP check box. (AH can not be used in SUA/NAT case)
- Select Encryption Algorithm to DES and Authentication
Algorithm to MD5, as we configured in Sonicwall.
- Enter the key string 12345678 in the Preshared Key
text box, and click Apply.
See the screen shot:

2. Setup SonicWALL
- Login SonicWALL by giving the LAN IP address of SonicWALL, default is 192.168.168.1.
- Click Gernal menu, and click Network tab.
- Select NAT Enabled as the Network Addressing Mode.
- In LAN Settings, enter a LAN IP and Subnet Mask for SonicWALL.
- In WAN Settings, enter a WAN IP, Subnet Mask, and WAN Gateway for
SonicWALL.
- In DNS Settings, enter the DNS IP.
- Click Update to save the settings to SonicWALL.
- Click DHCP, enable DHCP, and the Dynamic Ranges.
- Click VPN, click Configure tab.
- In Security Association option, select Add New SA.
- In IPSec Keying Mode option, select IKE using pre-shared
secret.
- In Name option, give a name for this SA.
- In IPSec Gateway Address, enter Prestige WAN IP
- In Encryption Method option, select Encrypt and Authenticate
(ESP DES HMAC MD5).
- In Shared Secret option, enter 12345678 as the secret key.
- Click Add New Network.
- In Edit VPN Destination Network, enter remote secure host in Network
field, PC 1 in the case. And also enter its subnet mask and click Update.
- Click Update to save VPN settings in VPN menu.
See the screen shot:


If the SA is up, you can see a new button, Renegotiate appears in the
Summary screen.
