This article is going to assume that you know a little bit about VPNs and both devices. I know more about the Sonicwalls than i do the Ciscos so I pretty much just run the VPN wizard on the Cisco and change the default settings on the Sonicwall to get the tunnel up.
I have the Cisco behind another Sonicwall so the exchange to set to aggressive, on the Cisco I think the Wizard sets the Exchange to aggressive mode by default, so one less change I had to make on the Cisco. Phase1 is changed to AES-128, SHA1 and a lifetime 86400sec (8 hours). Phase2 is ESP, AES-128, SHA1, and lifetime changed to 86400. I’m sure the tunnel would still come up if you kept the encryption at 3DES, but AES-128 is stronger, and I heard it has less overhead.
I skip the network tab, I’m not going over how to create address objects/groups, but all you do is put in the local and remote LAN networks. On the advanced tab I cleared out keep alive because other firewall is behind another firewall that is NATting so it will have to bring up the tunnel.
Here I enabled NAT traversal, cause once again the Cisco is behind a other firewall that is NATting. Also here is where you would change the IKE negotiation mode (called Exchange on the Sonicwall) to main.
Ping across the tunnel from the Cisco side and with any luck you will have a fully operational IPsec PSK VPN tunnel.
Update: I found this video when seeing how my page was ranking in search engines which is doing very poor, ha but I thought the video might help.
- ONVO6.02-0.35 (-5.49%)AMAVF22.25-1.66 (-6.94%)
- Current Bitcoin Rates
BTC-eHigh: $ 414.29401Low: $ 373.396Buy: $ 388.554Sell: $ 385.684Volume: 9827 BTC
- RT @RT_America: 35,000 walruses forced onto land in Alaska due to decrease in Arctic Sea ice http://t.co/RRJinmXbbE http://t.co/Kgw5SkLTqO, 2 hours ago
- @suck_out_yout uh huh, 3 hours ago
- Yo @netflix, 3 hours ago
- RT @meeraramann: lol k netflix is down #thanksobama, 3 hours ago
- RT @NancyyAliWzni: شوفوا يا مسلمين اللي بتقولوا عنهم كفار شو بيعملوا، و انتو خليكم قتلوا ببعضكم اتعلموا http://t.co/NKpZLb9zY6, 3 hours ago