• Cloud Edge Secure Access
• Welcome to SonicWall Cloud Edge!
• Prerequisites
• Installation
  • Accessing the Client Management Console
  • Installation Methods
• Networks
  • Understanding Networks
  • SDP Networks
  • Regions and Gateways
    • Adding a region
    • Adding a gateway
  • Connecting Infrastructure
    • Prerequisites
    • Site-to-Site Connections
    • IPsec Tunnel
    • WireGuard Connector
    • Connect On-Prem Resources
      • Firewalls
        • SonicWall
    • Connect Cloud Resources
      • Amazon AWS
        • AWS Virtual Gateway
        • AWS Transit Gateway
      • Alibaba Cloud
      • Microsoft Azure
      • Google Cloud Platform
      • Heroku Enterprise
      • IBM Cloud
      • Docker
• Groups and Members
  • Members
    • Inviting Members
    • Password Requirements
    • Managing Roles
  • Groups
    • Managing Groups
    • Identity Provider Groups
  • Identity Providers (IdP)
    • Integrate Identity Providers
    • Azure AD
      • Azure Active Directory (SAML 2.0)
      • Azure Active Directory
    • Google Suite
      • Google Services
      • Google Apps (SAML 2.0)
    • On-Premises Active Directory
    • SAML 2.0
      • Generic SAML
      • Active Directory Federation Services (ADFS)
      • Auth0
      • Okta
      • OneLogin
      • PingIdentity
      • JumpCloud
• Securing the Platform
  • Securing Networks
    • Segmenting Networks
    • Device Posture Check
    • Network Traffic Control
    • Firewall-as-a-Service
  • Securing User Access
    • Multi-Factor Authentication
      • MFA Authentication
      • DUO Security
    • Agent-less Access
      • Zero Trust Application
        • HTTP/HTTPS
        • RDP (Remote Desktop Protocol)
        • SSH (Secure Shell)
        • VNC (Virtual Network Computing)
      • Zero Trust Policies and Rules
    • Agent-based Access
      • SonicWall Agents
        • Downloading and Installation
      • Agents Configuration
        • User-Groups Policies
        • Managing Configurations
        • General Configurations
        • Network Configuration
        • OS-Specific Configurations
• Monitoring
  • Activity Tracking
    • Activities and Logs
    • Member Devices
  • Monitoring Dashboard
  • Integrations
    • Amazon S3
    • Azure Sentinel
    • Splunk Cloud
• Compliance
  • HIPAA
  • GDPR
  • SOC 2 Type 2
• SonicWall Support
  • About This Document

IPsec Tunnel

This article describes the IPSec Site-2-Site tunnel which is a security feature that allows you to create a secure communication link between two different networks located at different sites. By creating the IPSec Tunnel, you can connect your gateway to your local network or cloud services.

To create a tunnel

Navigate to the Networks screen.

Adding a tunnel

By selecting the three-dotted menu (...) on the right of the gateway, the Add Tunnel menu option will open the IPSec Site-2-Site Tunnel screen.

To add a tunnel

1. Select the Add Tunnel menu option and then IPSec Site-2-Site Tunnel.

   

2. Fill in the following details:

   • Name: The name of the Tunnel you want to create.
   • Shared Secret: A pre-shared key is a string of characters (like a password) that will be used by both of the tunnel parties.
   • Public IP: This is the public IP address of the second end of the tunnel,
   • Remote ID: In most cases, the ID of the remote tunnel is the public IP of the tunnel. However, it must be configured to the same value on both ends.
   • SonicWall CloudEdge Gateway Proposed Subnets: The IPSec network selector must be configured to the same value at both ends of the tunnel.
   • Remote Gateway Proposed Subnets: The remote subnet selector must be configured to the same value on both tunnels ends. If you do not specify the subnets, you will need to do so manually using the Routes Table configuration.

3. Select Add Tunnel.

   The fields for the advanced settings depend on the network configuration, such as the type of VPC (Virtual Private Cloud) or firewall. The image below is just provided as an example.