Page 146 SONICWALL VPN
Adding, Modifying and Deleting Destination Networks
You may add, modify or delete destination networks. To add a second destination
network, click
Add New Network...
and define the
Network
and
Subnet
Mask
fields of the second network segment. To modify a destination network, click the
Notepad
icon to the right of the appropriate destination network entry. Then modify
the appropriate fields and click
Update
to update the configuration. To delete a
destination network, click the
Trash Can
icon to the far right of the appropriate
destination network entry and then click
OK
to confirm the removal.
Modifying and Deleting Existing Security Associations
The
Security Association
menu also allows you to modify and delete existing
Security Associations
. To delete an
SA
, select it from the menu and click the
Delete
This SA
button. To modify an
SA
, select it from the menu, make the desired
changes, and click
Update
. Once the SonicWALL has been updated, a message
confirming the update is displayed at the bottom of the Web browser window. Click
Update
to enable the changes.
Accessing Remote Resources across a Virtual Private Network
SonicWALL VPN Clients, which cannot transmit NetBIOS broadcasts, may access
resources across a VPN by locating a remote computer by IP address. For example, if
a remote office has a Microsoft SQL server, users at the local office may access the SQL
server by using the server’s private IP address.
There are several ways to facilitate connecting to a computer across a SonicWALL VPN:
•
Use the
Find Computer
tool
•
Create a
LMHOSTS file
in a local computer’s registry
•
Configure a
WINS Server
to resolve a name to a remote IP address.
Radius and Xauth Authentication
An IKE Security Association may be configured to require RADIUS authentication
before allowing VPN clients to access LAN resources. This authentication provides an
additional layer of VPN security while simplifying and centralizing management.
RADIUS authentication allows many VPN clients to share the same VPN configuration,
but requires each client to authenticate with a unique user name and password. And
because a RADIUS server controls network access, all employee privileges may be
created and modified from one location.
Note
: SonicWALL's RADIUS implementation supports Steel-Belted RADIUS by Funk
Software. A 30-day demo version of Steel-Belted RADIUS may be downloaded from
<http://www.funk.com>.
To enforce RADIUS authentication, complete the following instructions.
integrated_manual.book Page 146 Wednesday, June 13, 2001 6:21 PM