SonicWALL to pfsense IPsec VPN tunnel

VPN/IPsec/Tunnel/New Phase 1

 

General Information

Key Exchange: IKEv1

Remote Gateway: IP Address of SonicWALL

Description: Whatever you want

 

Phase 1 Proposal (Authentication)

Auth Method: Mutual PSK

Negotiation mode: Aggressive

My identifier: My IP Address

Peer identifier: Peer IP Address

Pre-Shared Key: Click “Generate new Pre-Shared Key” button

 

Phase 1 Proposal (Encryption Algorithm)

Algorithm: 3DES

Hash: SHA1

DH Group: 2(1024 bit)

Lifetime: 28800

 

Advanced Options

Dead Peer Detection: Checked

 

Save it and, click show phase 2 button and click the +Add P2 button

 

General Info

Local Network : LAN subnet

Remote Network : Network   192.168.1.0 / 24

Description: whatever

 

Phase 2 Proposal (SA/Key Exchange)

Protocol: ESP

Algorithms: Uncheck everything, check 3DES

Hash: Uncheck everything, check SHA1

PFS key group: 2 (1024 bit)

Lifetime: 28800

 

Click Save

On the SonicWALL Side, Manage/VPN/Base Settings/Add

 

General

Policy Type: Site to Site

Auth Method: IKE using Preshared Secret

Name: Whatever

IPsec Primary Gateway: IP of pfsense

IPsec Secondary Gateway: Blank

IKE Auth

Shared Secret: Copied from generated one on pfsense

Local IKE ID: IPv4Address – WAN IP Address of SonicWALL

Peer IKE ID: IPv4Address – WAN IP Address of pfsense

 

Network

Choose local network from list: LAN Subnets

Choose destination network from list: Create new address object with a name / VPN / Network / 10.0.0.0 /255.255.255.0

 

Proposals

IKE (Phase 1) Proposal

Exchange: Aggressive Mode

DH Group: Group 2

Encryption: 3DES

Authentication: SHA1

Life Time: 28800

 

Ipsec (Phase 2) Proposal

Protocol: ESP

Encryption: 3DES

Authentication: SHA1

Check the box: Enable Perfect Forward Secrecy

DH Group: Group 2

Life Time: 28800

 

Advanced

Check Enable Keep Alive

Comments are closed.