Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

How to configure a LAN-to-LAN tunnel between the Cisco VPN 3000 Concentrator and the Sonicwall TZ170

Resolution

In order to configure a LAN-to-LAN tunnel between the Cisco VPN 3000 Concentrator and the Sonicwall TZ170, complete these steps on the Cisco VPN 3000 Concentrator:

  1. On the Cisco VPN 3000 Concentrator, choose Configuration > System > Tunneling Protocols > IPSec > IKE Proposals > Modify in order to create an Internet Key Exchange (IKE) proposal.

  2. Choose Configuration > System > Tunneling Protocols > IPSec > IKE Proposals.

  3. Choose created proposal in the last step and click Activate in order to activate the IKE proposal.

  4. Choose Configuration > System > Tunneling Protocols > IPSec LAN-to-LAN.

  5. Click on Add.

  6. Set up an IPsec tunnel called To_Sonicwall with the IP address of the Sonicwall as the peer. For the Preshared Key, choose the actual key. Under Authentication, choose Proposal, and choose DES or 3DES for encryption. Choose the IKE proposal from step 1 and choose the Local and Remote networks.

  7. Choose Configuration > Policy Management > Traffic Management > Security Associations > Modify and verify that Perfect Forward Secrecy is disabled and leave the IPsec Time Lifetime at the default 28,800 seconds.

  8. Save the configuration.

Refer to the Configure the VPN 3000 Concentrator section of Configuring an IPSec Tunnel - Cisco VPN 3000 Concentrator to Checkpoint 4.1 Firewall for help with the screenshots.

In order to configure Sonicwall TZ170, complete these steps:

  1. Log in to the Sonicwall device and choose VPN > Settings.

  2. Enter the IP address of the VPN peer and the pre-shared secret.

  3. Click Add under Destination Networks.

  4. Enter the destination network.

  5. Click Proposals at the top of Settings.

  6. Choose the exchange that you plan to use for this configuration (Main Mode or Aggressive Mode) along with the rest of the Phase 1 and Phase 2 settings.

  7. Click Advanced.

  8. There are additional options that you can configure within this window.

  9. Click OK in order to complete the configuration.

Refer to the Sonicwall Configuration section of VPN Between Sonicwall Products and PIX Firewall Configuration Example for help with the screenshots and for more information.

Note: Make sure that the Phase 1 and Phase 2 policies match on the peers.

Product Family

VPN - 3000 series concentrator

VPN 3000 Software Version

4.x

2447
Views
0
Helpful
0
Comments