

Site-to-site VPN connections are very easy to create between SonicWall devices, almost ridiculously easy. SonicWall lets you set up site-to-site VPNs in a number of ways. I find the easiest and fastest way is to use the procedure that SonicWall recommends when one of the VPN gateway SonicWalls receives its WAN address via DHCP, even if both of your gateway devices have static addresses. The reason I do this is that the process pretty much never fails, is easy to troubleshoot and can be completed in minutes.

To use this process you have to decide on one SonicWall as the "master", as it will always "listen" for VPN connections; the other SonicWall will be the initiator. If you are going to have multiple remote sites coming back to a main site then it only makes sense to make the main site the master. If you only have two units involved then pick one as the master.

On the master unit perform the following steps:

On that screen make sure Enable VPN is ticked and then change the "Unique Firewall Identifier" to be something that is easily identifiable like "MASTER" or "VICTORIA FIREWALL" or whatever and click the Accept button. This will be the NAME you use in following steps.

Now, click the ADD button under VPN Policies; the following will appear:

For Name fill in the name that you will be giving the OTHER SonicWall (the one at the other end of the VPN tunnel).

Enter 0.0.0.0 for both the Primary and Secondary gateways. The reason for this is that you are setting up this unit to "listen" for the VPN connection and the remote end will pass this information through upon making the connection.

Enter your desired "shared secret" for the encryption key. Make note of what you enter as you will need to enter the same key on the other SonicWall. Longer, more random secrets are better than short, easily "guessed" secrets.
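One way to produce the shared secret for the step above, as an added example that is not part of the original article or any SonicWall tooling. The 128-bit target, the letters-and-digits alphabet and all function names are assumptions made here; the code does not check what the firewall's shared secret field accepts.

```python
import math
import secrets
import string

# Letters and digits only, minus look-alikes (0/O, 1/l/I), because the same
# secret has to be typed by hand into both units. (Assumed alphabet.)
ALPHABET = "".join(c for c in string.ascii_letters + string.digits
                   if c not in "0O1lI")

def psk_length(target_bits: int, alphabet: str = ALPHABET) -> int:
    """Characters needed for a uniformly random secret to reach target_bits."""
    return math.ceil(target_bits / math.log2(len(alphabet)))

def generate_psk(target_bits: int = 128, alphabet: str = ALPHABET) -> str:
    """Draw every character from the OS CSPRNG through the secrets module."""
    return "".join(secrets.choice(alphabet)
                   for _ in range(psk_length(target_bits, alphabet)))

def grouped(psk: str, size: int = 4) -> str:
    """Display form for copying between sites; enter it WITHOUT the dashes."""
    return "-".join(psk[i:i + size] for i in range(0, len(psk), size))

def max_entropy_bits(secret: str) -> float:
    """Upper bound for a hand-chosen secret: length * log2(character pool).
    Words and patterns are far weaker than this bound, never stronger."""
    pool = 0
    if any(c.islower() for c in secret):
        pool += 26
    if any(c.isupper() for c in secret):
        pool += 26
    if any(c.isdigit() for c in secret):
        pool += 10
    if any(c in string.punctuation for c in secret):
        pool += len(string.punctuation)
    return len(secret) * math.log2(pool) if pool else 0.0

def definitely_too_weak(secret: str, target_bits: int = 128) -> bool:
    """True when even the optimistic upper bound misses the target."""
    return max_entropy_bits(secret) < target_bits

if __name__ == "__main__":
    key = generate_psk()
    print("Enter on both units:", key)
    print("Grouped for reading:", grouped(key))
    # "sonicwall1" is a constructed example of an easily guessed secret.
    print("sonicwall1 too weak?", definitely_too_weak("sonicwall1"))
```

`definitely_too_weak` can only reject a candidate: a secret that passes the upper bound may still be guessable if it is built from words or repeated patterns, which is why the generated value is the one to use.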
