Filter
Top Products
VPN > Settings
902
SonicOS 5.8.1 Administrator Guide
–
Distinguished Name - Based on the certificates Subject Distinguished Name field,
which is contained in all certificates by default. As with the E-Mail ID and Domain Name
above, the entire Distinguished Name field must be entered for site-to-site VPNs Wild
card characters are not supported.
The format of any Subject Distinguished Name is determined by the
issuing Certificate
Authority. Common fields are Country (C=), Organization (O=), Organizational Unit
(OU=), Common Name (CN=), Locality (L=), and vary with the issuing Certificate
Authority. The actual Subject Distinguished Name field in an X.509 Certificate is a
binary object which must be converted to a string for matching purposes. The fields are
separated by the forward slash character, for example: /C=US/O=SonicWALL, Inc./
OU=TechPubs/CN=Joe Pub
To find the certificate details
(Subject Alternative Name, Distinguished Name, etc.),
navigate to the System > Certificates page and click on the Export button for the
certificate.
Step 7 Type an ID string in the Peer IKE ID field.
Step 8 Click on the Network tab.
Step 9 Under Local Networks, select a local network from Choose local network from list if a
specific local network can access the VPN tunnel. If hosts on this side of the VPN connection
will be obtaining their addressing from a DHCP server on the remote side of the tunnel, select
Local network obtains IP addresses using DHCP through this VPN tunnel. If traffic can
originate from any local network, select Any Address.
Step 10 Under Destination Networks, select Use this VPN Tunnel as default route for all Internet
traffic if traffic from any local user cannot leave the SonicWALL security appliance unless it is
encrypted. You can only configure one SA to use this setting. If the remote side of this VPN
connection is be obtaining its addressing from a DHCP server on this side of the tunnel, select
Destination network obtains IP addresses using DHCP server through this tunnel.
Alternatively, select Choose Destination network from list, and select the address object or
group.