Prestige to SonicWALL Tunneling

  1. Setup Prestige
  2. Setup SonicWALL

Note: Not all ZyXEL Prestige provide VPN functionality. Please check the User's Manual from the packaged CD-ROM.


This page guides us to setup a VPN connection between Prestige and SonicWALL. As the figure shown below, the tunnel between PC 1 and PC 2 ensures the packets flow between them are secure. To setup this VPN tunnel, the required settings for Prestige and SonicWALL are explained in the following sections. 

 

The IP addresses we use in this example are as shown below.

PC 1 

Prestige Sonicwall PC 2
192.168.1.33 LAN: 192.168.1.1
WAN:  202.132.154.1
LAN: 192.168.181.1
WAN:  168.10.10.66

192.168.181.10

Note: The following configurations are supposed both two VPN gateways have fixed IP addresses. If one of VPN gateways uses dynamic IP, we enter 0.0.0.0 as the secure gateway IP address. In this case, the VPN connection can only be initiated from dynamic side to fixed side to update its dynamic IP to the fixed side. From this connection, the source IP is obtained and then update to the previous 0.0.0.0 field. However, if both gateways use dynamic IP addresses, it is no way to establish VPN connection at all.


1. Setup Prestige

  1. Login Prestige by giving the LAN IP address of Prestige in URL field. Default LAN IP is 192.168.1.1, default password to login web configurator is 1234.
  2. Click Advanced, and click VPN tab on the left.
  3. On the SUMMARY menu, Select a policy to edit by clicking Edit.
  4. On the CONFIGURE-IKE menu, check Active check box and give a name to this policy.
  5. Select IPSec Keying Mode to IKE and Negotiation Mode to Main, as we configured in Sonicwall.
  6. Source IP Address Start and Source IP Address End are PC 1 IP in this example. (the secure host behind Prestige)
  7. Destination IP Address Start and Destination IP Address End are PC 2 IP in this example. (the secure remote host)
  8. My IP Addr is the WAN IP of Prestige.
  9. Secure Gateway IP Addr is the remote secure gateway IP, that is Sonicwall WAN IP in this example.
  10. Select Encapsulation Mode to Tunnel.
  11. Check the ESP check box. (AH can not be used in SUA/NAT case)
  12. Select Encryption Algorithm to DES and Authentication Algorithm to MD5, as we configured in Sonicwall.
  13. Enter the key string 12345678 in the Preshared Key text box, and click Apply.

See the screen shot:


2. Setup SonicWALL

  1. Login SonicWALL by giving the LAN IP address of SonicWALL, default is 192.168.168.1.
  2. Click Gernal menu, and click Network tab.
  3. Select NAT Enabled as the Network Addressing Mode.
  4. In LAN Settings, enter a LAN IP and Subnet Mask for SonicWALL.
  5. In WAN Settings, enter a WAN IP, Subnet Mask, and WAN Gateway for SonicWALL.
  6. In DNS Settings, enter the DNS IP.
  7. Click Update to save the settings to SonicWALL.
  8. Click DHCP, enable DHCP, and the Dynamic Ranges.
  9. Click VPN, click Configure tab.
  10. In Security Association option, select Add New SA.
  11. In IPSec Keying Mode option, select IKE using pre-shared secret.
  12. In Name option, give a name for this SA.
  13. In IPSec Gateway Address, enter Prestige WAN IP
  14. In Encryption Method option, select Encrypt and Authenticate (ESP DES HMAC MD5).
  15. In Shared Secret option, enter 12345678 as the secret key.
  16. Click Add New Network.
  17. In Edit VPN Destination Network, enter remote secure host in Network field, PC 1 in the case. And also enter its subnet mask and click Update.
  18. Click Update to save VPN settings in VPN menu.

See the screen shot:
s_config.gif (112401 bytes)

s_add.gif (8002 bytes)

If the SA is up, you can see a new button, Renegotiate appears in the Summary screen.
s_ok.gif (104966 bytes)