Está en la página 1de 4

How To – Establish VPN Tunnel between Cyberoam and Sonicwall using Preshared key

How To – Establish VPN Tunnel between Cyberoam and Sonicwall using Preshared key
Applicable to Version: 9.4.0 build 2 onwards This article describes a detailed configuration example that demonstrates how to configure net-to-net IPSec VPN tunnel between a Cyberoam and SonicWall using Preshared Key to authenticate VPN peers. It is assumed that the reader has a working knowledge of Cyberoam and SonicWall appliance configuration. Throughout the article we will use the network parameters as shown in the diagram below.

Cyberoam Configuration
Step 1: Create IPSec connection Go to VPN → IPSec Connection → Create Connection and create connection with the following values: Connection name: cr_2_sw Policy: Default Policy Action on restart: As required Mode: Tunnel Connection Type: Net to Net Authentication Type – Preshared key

204 Local Internal Network – 8.8.204 i.e. In SonicWall.0 i. SonicWall Configuration Step 3.168. Activate Connection and establish Tunnel Go to VPN → IPSec Connection → Manage Connection To activate the connection.13.15.168. you will receive error ‘unable to activate connection’ hence you need to deactivate all other connections.How To – Establish VPN Tunnel between Cyberoam and Sonicwall using Preshared key Preshared key – Specify Preshared key.com Remote server IP address (WAN IP address) – 192.255. defined as Internal Network in Cyberoam Mask: 255.18.com (SonicWall) User Authentication Mode: As required Protocol: As required Step 2.e. subnet mask for the above network Step 4. click under Connection Status against the cr_2_sw connection under Connection Status indicates that the connection is successfully activated Note At a time only one connection can be active if both the types of connection . Local server IP address (WAN IP address) – 192.8. preshared key is called ‘Shared Secret’ or ‘Preshared Secret’.0/24 Remote ID – dean@elitecore.0 i.1.8.e.255.71 Remote Internal Network – 172.are created with the same source and destination. at the time of activation. Forward this key to the remote peer (SonicWall) as same preshared key should be used by both the peers. In such situation. Add Address Object to define remote network that is to be connected via VPN tunnel Go to Network → Address Object and click ADD under Address Objects and create with the following values: Name: CR_LAN Zone: VPN Type: Network Network: 8. WAN IP of Cyberoam . Create VPN Policy Go to VPN → Settings and click ADD under VPN Policies A.0/24 Local ID – john@elitecore.15. Input following values in the General Tab fields: Authentication Method: IKE using Preshared Key Name: sonicwall_2_cyberoam IPsec Primary Gateway Name or Address: 192.8.168.Digital Certificate and Preshared Key .

Input following values in the Proposals Tab fields: IKE Phase I Proposal Exchange: Main Mode DH Group: 2 Encryption: 3DES Authentication: MD5 Life Tine (seconds): 3600 Ipsec (Phase 2) Proposal Protocol: ESP Encryption: 3DES Authentication: MD5 Enable PFS: Yes DH Group: 2 Life Time (seconds): 3600 VPN Policy is automatically enabled if created successfully. Establish Connection from Cyberoam Go to VPN → IPSec Connection → Manage Connection To establish the connection/tunnel.e. Input following values in the Network Tab fields: Under Local Networks Choose local network from list: LAN Subnets (Contains pre-defined object for LAN network) Under Destination Networks Choose local network from list: CR_LAN i.How To – Establish VPN Tunnel between Cyberoam and Sonicwall using Preshared key IPsec Secondary Gateway Name or Address: Blank Shared Secret: As required (As specified in Cyberoam IPSec connection) Confirm Shared Secret: Same as specified in Shared Secret field Mask Shared Secret: Enable Local IKE ID: Email Address: dean@elitecore. Step 5. click connection under Connection Status against the cr_2_sw under Connection Status indicates that the connection/tunnel is successfully established . If SonicWall is able to establish connection with Cyberoam successfully then the connection/tunnel details will be displayed under Currently Active VPN Tunnels. object created for Cyberoam network in step 1 C.com (IKE of Cyberoam) B.com (IKE of SonicWall) Peer IKE ID: Email Address: john@elitecore.

How To – Establish VPN Tunnel between Cyberoam and Sonicwall using Preshared key Points to be noted • Connection can be initiated from either of the peers provided connection is ‘Active’ in Cyberoam • If you try to connect from Cyberoam when the SonicWall VPN policy is not enabled.0-08/12/2006 . • One can re-establish connection from SonicWall by enabling the VPN policy manually only if connection is ‘Active’ in Cyberoam Reference Documents • VPN Troubleshooting Guide Document Version: 9402-1. Cyberoam will display ‘Unable to establish connection’ message.