SonicOS 7.1 IPSec VPN
Configuration on the Firewall
As part of the process to create a new VPN connection, an Address Object representing the VPC is added and can be viewed in SonicOS on the Address Objects page. Navigate to OBJECT | Match Objects > Addresses. The convention used to name the object combines the AWS IDs of the VPN connection and the VPC itself. The Address Object is a network type, with the network being that of the remote VPC.
Two VPN policies are also created, reflecting that AWS uses two VPNs per VPN connection to provide redundancy for failover. Navigate to NETWORK | IPSec VPN > Rules and Settings. The VPN policy names used on the firewall are based on the AWS ID for the connection, with a suffix to differentiate between the two policies.
Matching the two VPN policies, two tunnel interfaces are created. Navigate to NETWORK | System > Interfaces. The tunnel interfaces also use a naming convention based on the ID of the VPN connection.
Similarly, two route policies are created, both using the Address Object representing the VPC as their destination. Navigate to NETWORK | System > Dynamic Routing. Each route policy uses a different tunnel interface.