Allied Telesis AlliedWare NetScreen Routers Network Manual

Creating VPN between an Allied Telesis and a SonicWALL router, with NAT-T


AlliedWare™ OS How To | Create a VPN between an Allied Telesis and a SonicWALL Router, with NAT-T

Today's network managers often need to incorporate other vendors' equipment into their networks, as companies change and grow. To support this challenge, Allied Telesis routers are designed to inter-operate with a wide range of equipment.

This How To Note details one of the inter-operation solutions from Allied Telesis: creating virtual private networks between Allied Telesis and SonicWALL routers. It shows you how to configure a VPN between a local Allied Telesis router and a remote SonicWALL router, step-by-step. On the Allied Telesis router, it uses the Site-To-Site VPN wizard for the VPN configuration.

The wizard runs on selected AR400 Allied Telesis routers from the router's web-based GUI (graphical user interface). It asks you to enter a few details and from those it configures the following settings:

  • encryption to protect traffic over the VPN
  • ISAKMP with a pre-shared key to manage the VPN
  • the firewall, to protect the LANs and to allow traffic to use the VPN
  • Network Address Translation (NAT), so that you can access the Internet from the private LAN through a single public IP address. This Internet access does not interfere with the VPN solution
  • (in this example) NAT-Traversal because one end of the VPN tunnel is behind a separate NAT device

C613-16098-00 REV E
www.alliedtelesis.com


Summary of Contents for Allied Telesis AlliedWare NetScreen Routers

  • Page 1 Allied Telesis and SonicWALL routers. It shows you how to configure a VPN between a local Allied Telesis router and a remote SonicWALL router, step-by-step. On the Allied Telesis router, it uses the Site-To-Site VPN wizard for the VPN configuration.
  • Page 2: Table Of Contents

    "How to use the CLI instead of the GUI" on page 30 Related How To Notes Allied Telesis offers How To Notes with a wide range of VPN solutions, from quick and simple solutions for connecting home and remote offices, to advanced multi-feature setups.
  • Page 3: The Network

    Telesis AR415S router is behind a NAT device. The following diagram shows the LANs and their interfaces and addresses. Note: You can still use this example if you have no NAT device between the Allied Telesis router and the Internet, or if you have a NAT device between the SonicWALL router and the Internet, with slight alterations.
  • Page 4: How To Configure The Allied Telesis Router

    The router setup of steps 2-5 is described in How To Use the Allied Telesis GUI to Customise the Router and Set Up An Internet Connection, which is available from resources/literature/howto.aspx.
  • Page 5 Create the VPN tunnel 1. Open the Configuration Wizards page Log in as either the manager or the security officer. If you log in as the manager, the router changes to secure mode when you finish the VPN wizard and at that stage prompts you to log in again as the security officer.
  • Page 6 2. Start the Site-to-Site VPN wizard 3. Name the VPN connection Page 6 | AlliedWare™ OS How To Note: VPNs with SonicWALL routers Click on the Site-to-Site VPN button. The wizard starts by displaying a welcome message. Click the Next button. Enter an appropriate VPN connection name.
  • Page 7 4. Enter the remote site’s WAN IP address 5. Enter the remote site’s LAN IP address Enter the public IP address of the other end of the tunnel. In this example, this is 200.200.200.1, which is the IP address of the SonicWALL WAN...
  • Page 8 6. Enter the shared secret key 7. Check the settings Enter the secret key, which is an alphanumeric string between 2 and 64 characters long. Both routers must use the same secret key.
  • Page 9 8. Specify Peer IDs Peer IDs enable the routers to identify each other when they exchange secret key information. By default, the Peer IDs are the router IP addresses. This does not work when one (or both) routers are behind a separate NAT device, because the NAT device changes the IP addresses.
  • Page 10 9. Check the settings again 10. Finish the wizard Security officer Check the summary. It now includes the Peer ID settings. If necessary, correct any settings you want to change.
  • Page 11 Manager The browser now indicates that you no longer have permission to view the GUI. If you are logged in as manager, the GUI displays a message to warn you that you will need to close your browser and re-login as a security officer (see below) once you have...
  • Page 12: Access The Router

    How to configure the SonicWALL router To configure the SonicWALL router, perform the steps in the following sections: "Access the Router" on page 12 "Customise the router and set up the network" on page 15 "Define the LAN subnet of the peer" on page 20 "Create the VPN"...
  • Page 13 3. Browse to the router’s management GUI Browse to 192.168.168.168. If you are using a pop-up blocker, disable it for this address. If you access the Internet through a proxy server, set your browser to bypass the proxy for this address.
  • Page 14 After initial configuration, when you browse to the SonicWALL it may open at the System > Status page instead of the Configuration Wizard page. Click on the Wizards button in the left-hand menu to open the Configuration Wizard page. The first time you configure your router, the GUI opens at the...
  • Page 15 Customise the router and set up the network The following steps use the Setup wizard to begin configuring your router. 1. Change the administrator password 2. Set the time zone The first action in the Setup wizard is to enter a suitable password for...
  • Page 16 3. Choose the type of WAN address 4. Enter the WAN settings In this example, the SonicWALL router has a permanent fixed IP address, so select the Static IP option. Then click the Next button.
  • Page 17 5. Enter the LAN address 6. Set up the DHCP server Enter the IP address and mask of the SonicWALL’s interface to the LAN. Then click the Next button.
  • Page 18 7. Check the settings Check the summary. If necessary, use the Back button to return and correct any settings you want to change. When all the settings are correct, click the Apply button. The wizard displays a message of congratulations. Click the Close button.
  • Page 19 8. Log in again If you changed the router’s LAN IP address, you need to change the PC’s address. If you turned on the router’s DHCP server, set the PC to obtain its address automatically. Otherwise, give the PC an address in the new subnet. You may need to restart the SonicWALL router to force it to assign an IP address to the PC.
  • Page 20 Before you can configure the VPN, you need to create an address “object”. The address object defines the LAN subnet of the VPN peer router—in this example, the Allied Telesis router. There is no wizard for creating the address object, so the following steps use the Network pages instead.
  • Page 21 "The network" on page settings as shown in the following screenshot. The address object describes the LAN that is connected to the Allied Telesis router. Click the OK button to display the Custom Address Objects summary page again. 3), and other...
  • Page 22 4. Check the settings Check that the object is correct. If you need to change the object, click on the icon of a note and pencil at the right of the object’s entry...
  • Page 23 Create the VPN The following steps use the VPN wizard to create the SonicWALL end of the VPN. 1. Return to the Configuration Wizards page 2. Start the Site-to-Site VPN wizard Click on the Wizards button in the left-hand menu to open the...
  • Page 24 4. Select the networks for each end of the LAN Name the policy. Enter the pre-shared key, which must be the same as the Allied Telesis router’s secret key. Enter the remote peer...
  • Page 25 5. Specify security settings 6. Check the settings You do not need to modify the default security settings. Click the Next button. Check the summary. If necessary, use the Back button to return and correct any settings you want to change.
  • Page 26 The wizard displays a message of congratulations. Click the Close button. The GUI displays the VPN > Settings page...
  • Page 27 IDs. Select “type” of Domain Name. The values do not have to be real domain names, but must match the values on your Allied Telesis router (remember that “local” on the SonicWALL is “remote” on the Allied Telesis, and so on).
  • Page 28 Click on the Proposals tab. Set Exchange to Main Mode. This is the preferred mode because it is more secure. We also recommend that you change the lifetime for the IPsec (Phase2) Proposal to 3600 seconds, to match the Allied Telesis router. Click OK.
  • Page 29: How To Test The Tunnel

    “Currently Active VPN Tunnels” section. 2. Ping the SonicWALL LAN From the PC attached to the Allied Telesis router, ping the PC attached to the SonicWALL router, or the SonicWALL router’s LAN address.
  • Page 30: How To Use The CLI Instead Of The GUI

    How to use the CLI instead of the GUI This section gives an example of the Allied Telesis CLI commands that you need to enter for the IP, firewall, IPsec and ISAKMP aspects of this configuration. # IP configuration enable ip add ip int=vlan1 ip=192.168.1.1...
  • Page 31 Singapore 534182 T: +65 6383 3832 F: +65 6383 3830 Allied Telesis is a trademark or registered trademark of Allied Telesis, Inc. in the United States and other countries. in the SonicWALL VPN wizard, for Remote Peer IP Address, enter...

This manual is also suitable for:

R415s, Ar441s, Ar442s, Ar440s
