VPN Advanced Settings
All of the Advanced Settings for VPN connections are now located by clicking
Advanced Settings located in the middle of the Configure tab. The following
settings are available in the Edit Advanced Settings window:
•
Enable Keep Alive
•
Require XAUTH/RADIUS (only allows VPN clients)
•
Enable Perfect Forward Secrecy
•
Enable Windows Networking (NetBIOS) broadcast
•
Apply NAT and firewall rules
•
Forward packets to remote VPNs
•
Route all internet traffic through this SA
•
Default LAN Gateway
Enable Keep Alive
Checking the Enable Keep Alive checkbox allows the VPN tunnel to remain active or
maintain its current connection. A proprietary dead peer detection is now implemented
that detects whether or not the remote Security Gateway has a valid IKE tunnel. This
checkbox cannot be used with the Group VPN Security Association.
Require XAUTH/RADIUS (only allows VPN clients)
An IKE Security Association may be configured to require RADIUS authentication
before allowing VPN clients to access LAN resources. This authentication provides an
additional layer of VPN security while simplifying and centralizing management.
RADIUS authentication allows many VPN clients to share the same VPN configuration,
but requires each client to authenticate with a unique user name and password. And
because a RADIUS server controls network access, all employee privileges may be
created and modified from one location
SonicWALL Internet Security Appliance Guide Page 117