@cubanhacker
28WITNESSCubano en Los Angeles, California. Technology geek in charge of an IT company, follow me on my daily client meetings and routine to gain a grasp the life of a
steemit.com/@cubanhackerVOTING POWER100.00%
DOWNVOTE POWER100.00%
RESOURCE CREDITS100.00%
REPUTATION PROGRESS40.18%
Net Worth
42.605USD
STEEM
0.001STEEM
SBD
77.872SBD
Own SP
90.114SP
Detailed Balance
| STEEM | ||
| balance | 0.001STEEM | STEEM |
| market_balance | 0.000STEEM | STEEM |
| savings_balance | 0.000STEEM | STEEM |
| reward_steem_balance | 0.000STEEM | STEEM |
| STEEM POWER | ||
| Own SP | 90.114SP | SP |
| Delegated Out | 0.000SP | SP |
| Delegation In | 0.000SP | SP |
| Effective Power | 90.114SP | SP |
| Reward SP (pending) | 0.001SP | SP |
| SBD | ||
| sbd_balance | 77.872SBD | SBD |
| sbd_conversions | 0.000SBD | SBD |
| sbd_market_balance | 0.000SBD | SBD |
| savings_sbd_balance | 0.000SBD | SBD |
| reward_sbd_balance | 0.000SBD | SBD |
{
"balance": "0.001 STEEM",
"savings_balance": "0.000 STEEM",
"reward_steem_balance": "0.000 STEEM",
"vesting_shares": "146564.786217 VESTS",
"delegated_vesting_shares": "0.000000 VESTS",
"received_vesting_shares": "0.000000 VESTS",
"sbd_balance": "77.872 SBD",
"savings_sbd_balance": "0.000 SBD",
"reward_sbd_balance": "0.000 SBD",
"conversions": []
}Account Info
| name | cubanhacker |
| id | 639359 |
| rank | 18,776 |
| reputation | 2387715199 |
| created | 2018-01-22T22:52:03 |
| recovery_account | steem |
| proxy | None |
| post_count | 54 |
| comment_count | 0 |
| lifetime_vote_count | 0 |
| witnesses_voted_for | 3 |
| last_post | 2019-05-24T01:06:36 |
| last_root_post | 2019-05-24T01:06:36 |
| last_vote_time | 2019-05-24T01:22:33 |
| proxied_vsf_votes | 0, 0, 0, 0 |
| can_vote | 1 |
| voting_power | 9,799 |
| delayed_votes | 0 |
| balance | 0.001 STEEM |
| savings_balance | 0.000 STEEM |
| sbd_balance | 77.872 SBD |
| savings_sbd_balance | 0.000 SBD |
| vesting_shares | 146564.786217 VESTS |
| delegated_vesting_shares | 0.000000 VESTS |
| received_vesting_shares | 0.000000 VESTS |
| reward_vesting_balance | 2.040817 VESTS |
| vesting_balance | 0.000 STEEM |
| vesting_withdraw_rate | 0.000000 VESTS |
| next_vesting_withdrawal | 1969-12-31T23:59:59 |
| withdrawn | 0 |
| to_withdraw | 0 |
| withdraw_routes | 0 |
| savings_withdraw_requests | 0 |
| last_account_recovery | 1970-01-01T00:00:00 |
| reset_account | null |
| last_owner_update | 1970-01-01T00:00:00 |
| last_account_update | 2018-02-14T10:43:09 |
| mined | No |
| sbd_seconds | 0 |
| sbd_last_interest_payment | 2018-03-14T19:47:09 |
| savings_sbd_last_interest_payment | 1970-01-01T00:00:00 |
{
"active": {
"account_auths": [],
"key_auths": [
[
"STM7Y6iEcHb63TnKetcv3L1BsYaa5Xc8XBhFtfqjpVpqkMmhteTra",
1
]
],
"weight_threshold": 1
},
"balance": "0.001 STEEM",
"can_vote": true,
"comment_count": 0,
"created": "2018-01-22T22:52:03",
"curation_rewards": 50,
"delegated_vesting_shares": "0.000000 VESTS",
"downvote_manabar": {
"current_mana": 0,
"last_update_time": 1516661523
},
"guest_bloggers": [],
"id": 639359,
"json_metadata": "{\"profile\":{\"profile_image\":\"https://yt3.ggpht.com/-nkUu2gElTxw/AAAAAAAAAAI/AAAAAAAAAAA/rF7641StFQg/s288-mo-c-c0xffffffff-rj-k-no/photo.jpg\",\"name\":\"Cubanhacker\",\"about\":\"Cubano en Los Angeles, California. Technology geek in charge of an IT company, follow me on my daily client meetings and routine to gain a grasp the life of a\",\"location\":\"los angeles,CA\",\"website\":\"http://www.cubanhacker.com/\",\"cover_image\":\"http://www.cubanhacker.com/images/ST%20Cover%202.jpg\"}}",
"last_account_recovery": "1970-01-01T00:00:00",
"last_account_update": "2018-02-14T10:43:09",
"last_owner_update": "1970-01-01T00:00:00",
"last_post": "2019-05-24T01:06:36",
"last_root_post": "2019-05-24T01:06:36",
"last_vote_time": "2019-05-24T01:22:33",
"lifetime_vote_count": 0,
"market_history": [],
"memo_key": "STM8bf2m7gAUMPtx3WpKn7wuC5GihG6pVh4tCbHD1ZGgE34z7NKij",
"mined": false,
"name": "cubanhacker",
"next_vesting_withdrawal": "1969-12-31T23:59:59",
"other_history": [],
"owner": {
"account_auths": [],
"key_auths": [
[
"STM5dc9US7LpnePKLNKKmSdwGBUC4sHFgRXJJe83MqA5tD38cponc",
1
]
],
"weight_threshold": 1
},
"pending_claimed_accounts": 0,
"post_bandwidth": 0,
"post_count": 54,
"post_history": [],
"posting": {
"account_auths": [],
"key_auths": [
[
"STM8A1GD2bhNMHqPAhqe7gxfXpK4vUYsNXiKWRTRHxjT3ikLZBSpw",
1
]
],
"weight_threshold": 1
},
"posting_json_metadata": "{\"profile\":{\"profile_image\":\"https://yt3.ggpht.com/-nkUu2gElTxw/AAAAAAAAAAI/AAAAAAAAAAA/rF7641StFQg/s288-mo-c-c0xffffffff-rj-k-no/photo.jpg\",\"name\":\"Cubanhacker\",\"about\":\"Cubano en Los Angeles, California. Technology geek in charge of an IT company, follow me on my daily client meetings and routine to gain a grasp the life of a\",\"location\":\"los angeles,CA\",\"website\":\"http://www.cubanhacker.com/\",\"cover_image\":\"http://www.cubanhacker.com/images/ST%20Cover%202.jpg\"}}",
"posting_rewards": 155,
"proxied_vsf_votes": [
0,
0,
0,
0
],
"proxy": "",
"received_vesting_shares": "0.000000 VESTS",
"recovery_account": "steem",
"reputation": 2387715199,
"reset_account": "null",
"reward_sbd_balance": "0.000 SBD",
"reward_steem_balance": "0.000 STEEM",
"reward_vesting_balance": "2.040817 VESTS",
"reward_vesting_steem": "0.001 STEEM",
"savings_balance": "0.000 STEEM",
"savings_sbd_balance": "0.000 SBD",
"savings_sbd_last_interest_payment": "1970-01-01T00:00:00",
"savings_sbd_seconds": "0",
"savings_sbd_seconds_last_update": "1970-01-01T00:00:00",
"savings_withdraw_requests": 0,
"sbd_balance": "77.872 SBD",
"sbd_last_interest_payment": "2018-03-14T19:47:09",
"sbd_seconds": "0",
"sbd_seconds_last_update": "2018-03-14T19:47:09",
"tags_usage": [],
"to_withdraw": 0,
"transfer_history": [],
"vesting_balance": "0.000 STEEM",
"vesting_shares": "146564.786217 VESTS",
"vesting_withdraw_rate": "0.000000 VESTS",
"vote_history": [],
"voting_manabar": {
"current_mana": "143633490492",
"last_update_time": 1558660953
},
"voting_power": 9799,
"withdraw_routes": 0,
"withdrawn": 0,
"witness_votes": [
"blockbrothers",
"cubanhacker",
"jerrybanfield"
],
"witnesses_voted_for": 3,
"rank": 18776
}Withdraw Routes
| Incoming | Outgoing |
|---|---|
Empty | Empty |
{
"incoming": [],
"outgoing": []
}From Date
To Date
dotwin1981unvoted witness @cubanhacker2021/01/02 21:52:42
dotwin1981unvoted witness @cubanhacker
2021/01/02 21:52:42
| account | dotwin1981 |
| witness | cubanhacker |
| approve | false |
| Transaction Info | Block #49992914/Trx 709a4fb4d5d1b21d82e0f2f23d6f6384f8004bf1 |
View Raw JSON Data
{
"trx_id": "709a4fb4d5d1b21d82e0f2f23d6f6384f8004bf1",
"block": 49992914,
"trx_in_block": 3,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2021-01-02T21:52:42",
"op": [
"account_witness_vote",
{
"account": "dotwin1981",
"witness": "cubanhacker",
"approve": false
}
]
}dotwin1981voted for witness @cubanhacker2020/03/29 14:58:42
dotwin1981voted for witness @cubanhacker
2020/03/29 14:58:42
| account | dotwin1981 |
| witness | cubanhacker |
| approve | true |
| Transaction Info | Block #42075284/Trx 9a924bf9314f4b24b156b023119af9fe68a21990 |
View Raw JSON Data
{
"trx_id": "9a924bf9314f4b24b156b023119af9fe68a21990",
"block": 42075284,
"trx_in_block": 1,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2020-03-29T14:58:42",
"op": [
"account_witness_vote",
{
"account": "dotwin1981",
"witness": "cubanhacker",
"approve": true
}
]
}cyberspacegodvoted for witness @cubanhacker2020/03/05 18:22:51
cyberspacegodvoted for witness @cubanhacker
2020/03/05 18:22:51
| account | cyberspacegod |
| witness | cubanhacker |
| approve | true |
| Transaction Info | Block #41392834/Trx 4f3bca3490e9c89e4a680d5e168364691df809a2 |
View Raw JSON Data
{
"trx_id": "4f3bca3490e9c89e4a680d5e168364691df809a2",
"block": 41392834,
"trx_in_block": 35,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2020-03-05T18:22:51",
"op": [
"account_witness_vote",
{
"account": "cyberspacegod",
"witness": "cubanhacker",
"approve": true
}
]
}guruvajunvoted witness @cubanhacker2020/02/14 23:45:24
guruvajunvoted witness @cubanhacker
2020/02/14 23:45:24
| account | guruvaj |
| witness | cubanhacker |
| approve | false |
| Transaction Info | Block #40825434/Trx 12dc2ab0577e9d282f4cd4e1011767d93a4a9d48 |
View Raw JSON Data
{
"trx_id": "12dc2ab0577e9d282f4cd4e1011767d93a4a9d48",
"block": 40825434,
"trx_in_block": 28,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2020-02-14T23:45:24",
"op": [
"account_witness_vote",
{
"account": "guruvaj",
"witness": "cubanhacker",
"approve": false
}
]
}guruvajvoted for witness @cubanhacker2020/02/14 21:35:15
guruvajvoted for witness @cubanhacker
2020/02/14 21:35:15
| account | guruvaj |
| witness | cubanhacker |
| approve | true |
| Transaction Info | Block #40822835/Trx 312c6390ad789fa14ec438623ae2f8f09eb041c1 |
View Raw JSON Data
{
"trx_id": "312c6390ad789fa14ec438623ae2f8f09eb041c1",
"block": 40822835,
"trx_in_block": 38,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2020-02-14T21:35:15",
"op": [
"account_witness_vote",
{
"account": "guruvaj",
"witness": "cubanhacker",
"approve": true
}
]
}2020/01/22 23:49:03
2020/01/22 23:49:03
| parent author | cubanhacker |
| parent permlink | testcourse-esjqvm4nkb |
| author | steemitboard |
| permlink | steemitboard-notify-cubanhacker-20200122t234902000z |
| title | |
| body | Congratulations @cubanhacker! You received a personal award! <table><tr><td>https://steemitimages.com/70x70/http://steemitboard.com/@cubanhacker/birthday2.png</td><td>Happy Birthday! - You are on the Steem blockchain for 2 years!</td></tr></table> <sub>_You can view [your badges on your Steem Board](https://steemitboard.com/@cubanhacker) and compare to others on the [Steem Ranking](https://steemitboard.com/ranking/index.php?name=cubanhacker)_</sub> ###### [Vote for @Steemitboard as a witness](https://v2.steemconnect.com/sign/account-witness-vote?witness=steemitboard&approve=1) to get one more award and increased upvotes! |
| json metadata | {"image":["https://steemitboard.com/img/notify.png"]} |
| Transaction Info | Block #40164490/Trx 1cd76128aa238459d55cb4b1c1ac181f3b071bb8 |
View Raw JSON Data
{
"trx_id": "1cd76128aa238459d55cb4b1c1ac181f3b071bb8",
"block": 40164490,
"trx_in_block": 5,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2020-01-22T23:49:03",
"op": [
"comment",
{
"parent_author": "cubanhacker",
"parent_permlink": "testcourse-esjqvm4nkb",
"author": "steemitboard",
"permlink": "steemitboard-notify-cubanhacker-20200122t234902000z",
"title": "",
"body": "Congratulations @cubanhacker! You received a personal award!\n\n<table><tr><td>https://steemitimages.com/70x70/http://steemitboard.com/@cubanhacker/birthday2.png</td><td>Happy Birthday! - You are on the Steem blockchain for 2 years!</td></tr></table>\n\n<sub>_You can view [your badges on your Steem Board](https://steemitboard.com/@cubanhacker) and compare to others on the [Steem Ranking](https://steemitboard.com/ranking/index.php?name=cubanhacker)_</sub>\n\n\n###### [Vote for @Steemitboard as a witness](https://v2.steemconnect.com/sign/account-witness-vote?witness=steemitboard&approve=1) to get one more award and increased upvotes!",
"json_metadata": "{\"image\":[\"https://steemitboard.com/img/notify.png\"]}"
}
]
}dtubesent 0.001 STEEM to @cubanhacker- "Time is running out, claim your DTube account now before anyone else can! Login at https://d.tube"2019/08/22 16:00:24
dtubesent 0.001 STEEM to @cubanhacker- "Time is running out, claim your DTube account now before anyone else can! Login at https://d.tube"
2019/08/22 16:00:24
| from | dtube |
| to | cubanhacker |
| amount | 0.001 STEEM |
| memo | Time is running out, claim your DTube account now before anyone else can! Login at https://d.tube |
| Transaction Info | Block #35779217/Trx 61d7c94d7fc48ffd146bc3b319fcd81717659587 |
View Raw JSON Data
{
"trx_id": "61d7c94d7fc48ffd146bc3b319fcd81717659587",
"block": 35779217,
"trx_in_block": 37,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-08-22T16:00:24",
"op": [
"transfer",
{
"from": "dtube",
"to": "cubanhacker",
"amount": "0.001 STEEM",
"memo": "Time is running out, claim your DTube account now before anyone else can! Login at https://d.tube"
}
]
}2019/05/24 08:47:42
2019/05/24 08:47:42
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | How to configure a site-to-site VPN |
| body | <p>[fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left=""][fusion_builder_row][fusion_builder_column type="2_3" layout="2_3" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_content_boxes layout="icon-with-title" columns="1" title_size="25" heading_size="2" title_color="" body_color="" backgroundcolor="" icon="fa-network-wired fas" iconflip="" iconrotate="" iconspin="no" iconcolor="#ff9800" icon_circle="" icon_circle_radius="" circlecolor="" circlebordersize="4" circlebordercolor="" outercirclebordersize="5" outercirclebordercolor="#ff9800" icon_size="" icon_hover_type="pulsate" hover_accent_color="#ef7b00" image="" image_id="" image_max_width="" link_type="" button_span="" link_area="" link_target="" icon_align="left" animation_type="" animation_delay="" animation_offset="" animation_direction="left" animation_speed="0.3" margin_top="" margin_bottom="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""][fusion_content_box title="How to configure a site-to-site VPN" backgroundcolor="" icon="" iconflip="" iconrotate="" iconspin="no" iconcolor="" circlecolor="" circlebordersize="" circlebordercolor="" outercirclebordersize="" outercirclebordercolor="" image="" image_id="" image_max_width="" link="" linktext="Read More" link_target="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_content_box][/fusion_content_boxes][/fusion_builder_column][fusion_builder_column type="1_3" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_widget_area name="avada-blog-sidebar" title_size="" title_color="" background_color="" padding_top="" padding_right="" padding_bottom="" padding_left="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" /][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33183537/Trx 71193784e7c90016886398d492e9a350bf00bc01 |
View Raw JSON Data
{
"trx_id": "71193784e7c90016886398d492e9a350bf00bc01",
"block": 33183537,
"trx_in_block": 4,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T08:47:42",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "How to configure a site-to-site VPN",
"body": "<p>[fusion_builder_container hundred_percent=\"no\" hundred_percent_height=\"no\" hundred_percent_height_scroll=\"no\" hundred_percent_height_center_content=\"yes\" equal_height_columns=\"no\" menu_anchor=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" status=\"published\" publish_date=\"\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_position=\"center center\" background_repeat=\"no-repeat\" fade=\"no\" background_parallax=\"none\" enable_mobile=\"no\" parallax_speed=\"0.3\" video_mp4=\"\" video_webm=\"\" video_ogv=\"\" video_url=\"\" video_aspect_ratio=\"16:9\" video_loop=\"yes\" video_mute=\"yes\" video_preview_image=\"\" border_size=\"\" border_color=\"\" border_style=\"solid\" margin_top=\"\" margin_bottom=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\"][fusion_builder_row][fusion_builder_column type=\"2_3\" layout=\"2_3\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_content_boxes layout=\"icon-with-title\" columns=\"1\" title_size=\"25\" heading_size=\"2\" title_color=\"\" body_color=\"\" backgroundcolor=\"\" icon=\"fa-network-wired fas\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"#ff9800\" icon_circle=\"\" icon_circle_radius=\"\" circlecolor=\"\" circlebordersize=\"4\" circlebordercolor=\"\" outercirclebordersize=\"5\" outercirclebordercolor=\"#ff9800\" icon_size=\"\" icon_hover_type=\"pulsate\" hover_accent_color=\"#ef7b00\" image=\"\" image_id=\"\" image_max_width=\"\" link_type=\"\" button_span=\"\" link_area=\"\" link_target=\"\" icon_align=\"left\" animation_type=\"\" animation_delay=\"\" animation_offset=\"\" animation_direction=\"left\" animation_speed=\"0.3\" margin_top=\"\" margin_bottom=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"][fusion_content_box title=\"How to configure a site-to-site VPN\" backgroundcolor=\"\" icon=\"\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"\" circlecolor=\"\" circlebordersize=\"\" circlebordercolor=\"\" outercirclebordersize=\"\" outercirclebordercolor=\"\" image=\"\" image_id=\"\" image_max_width=\"\" link=\"\" linktext=\"Read More\" link_target=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_content_box][/fusion_content_boxes][/fusion_builder_column][fusion_builder_column type=\"1_3\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_widget_area name=\"avada-blog-sidebar\" title_size=\"\" title_color=\"\" background_color=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" /][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}2019/05/24 08:40:42
2019/05/24 08:40:42
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | How to configure a site-to-site VPN |
| body | <p>[fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left=""][fusion_builder_row][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][fusion_builder_column type="2_3" layout="2_3" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_content_boxes layout="icon-with-title" columns="1" title_size="25" heading_size="2" title_color="" body_color="" backgroundcolor="" icon="fa-network-wired fas" iconflip="" iconrotate="" iconspin="no" iconcolor="#ff9800" icon_circle="" icon_circle_radius="" circlecolor="" circlebordersize="4" circlebordercolor="" outercirclebordersize="5" outercirclebordercolor="rgba(173,173,173,0.5)" icon_size="" icon_hover_type="" hover_accent_color="" image="" image_id="" image_max_width="" link_type="" button_span="" link_area="" link_target="" icon_align="left" animation_type="" animation_delay="" animation_offset="" animation_direction="left" animation_speed="0.3" margin_top="" margin_bottom="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""][fusion_content_box title="How to configure a site-to-site VPN" backgroundcolor="" icon="" iconflip="" iconrotate="" iconspin="no" iconcolor="" circlecolor="" circlebordersize="" circlebordercolor="" outercirclebordersize="" outercirclebordercolor="" image="" image_id="" image_max_width="" link="" linktext="Read More" link_target="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_content_box][/fusion_content_boxes][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_text][/fusion_builder_column][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_widget_area name="avada-blog-sidebar" title_size="" title_color="" background_color="" padding_top="" padding_right="" padding_bottom="" padding_left="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" /][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33183397/Trx 68d64e42cef8e19bbf880de100a23f3faae812b1 |
View Raw JSON Data
{
"trx_id": "68d64e42cef8e19bbf880de100a23f3faae812b1",
"block": 33183397,
"trx_in_block": 0,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T08:40:42",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "How to configure a site-to-site VPN",
"body": "<p>[fusion_builder_container hundred_percent=\"no\" hundred_percent_height=\"no\" hundred_percent_height_scroll=\"no\" hundred_percent_height_center_content=\"yes\" equal_height_columns=\"no\" menu_anchor=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" status=\"published\" publish_date=\"\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_position=\"center center\" background_repeat=\"no-repeat\" fade=\"no\" background_parallax=\"none\" enable_mobile=\"no\" parallax_speed=\"0.3\" video_mp4=\"\" video_webm=\"\" video_ogv=\"\" video_url=\"\" video_aspect_ratio=\"16:9\" video_loop=\"yes\" video_mute=\"yes\" video_preview_image=\"\" border_size=\"\" border_color=\"\" border_style=\"solid\" margin_top=\"\" margin_bottom=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\"][fusion_builder_row][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][fusion_builder_column type=\"2_3\" layout=\"2_3\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_content_boxes layout=\"icon-with-title\" columns=\"1\" title_size=\"25\" heading_size=\"2\" title_color=\"\" body_color=\"\" backgroundcolor=\"\" icon=\"fa-network-wired fas\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"#ff9800\" icon_circle=\"\" icon_circle_radius=\"\" circlecolor=\"\" circlebordersize=\"4\" circlebordercolor=\"\" outercirclebordersize=\"5\" outercirclebordercolor=\"rgba(173,173,173,0.5)\" icon_size=\"\" icon_hover_type=\"\" hover_accent_color=\"\" image=\"\" image_id=\"\" image_max_width=\"\" link_type=\"\" button_span=\"\" link_area=\"\" link_target=\"\" icon_align=\"left\" animation_type=\"\" animation_delay=\"\" animation_offset=\"\" animation_direction=\"left\" animation_speed=\"0.3\" margin_top=\"\" margin_bottom=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"][fusion_content_box title=\"How to configure a site-to-site VPN\" backgroundcolor=\"\" icon=\"\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"\" circlecolor=\"\" circlebordersize=\"\" circlebordercolor=\"\" outercirclebordersize=\"\" outercirclebordercolor=\"\" image=\"\" image_id=\"\" image_max_width=\"\" link=\"\" linktext=\"Read More\" link_target=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_content_box][/fusion_content_boxes][fusion_text columns=\"\" column_min_width=\"\" column_spacing=\"\" rule_style=\"default\" rule_size=\"\" rule_color=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_text][/fusion_builder_column][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_widget_area name=\"avada-blog-sidebar\" title_size=\"\" title_color=\"\" background_color=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" /][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}2019/05/24 08:33:36
2019/05/24 08:33:36
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | How to configure a site-to-site VPN |
| body | <p>[fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left=""][fusion_builder_row][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][fusion_builder_column type="2_3" layout="2_3" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_content_boxes layout="icon-with-title" columns="1" title_size="20" heading_size="2" title_color="" body_color="" backgroundcolor="" icon="fa-network-wired fas" iconflip="" iconrotate="" iconspin="no" iconcolor="#ff9800" icon_circle="" icon_circle_radius="" circlecolor="" circlebordersize="" circlebordercolor="" outercirclebordersize="" outercirclebordercolor="" icon_size="" icon_hover_type="" hover_accent_color="" image="" image_id="" image_max_width="" link_type="" button_span="" link_area="" link_target="" icon_align="left" animation_type="" animation_delay="" animation_offset="" animation_direction="left" animation_speed="0.3" margin_top="" margin_bottom="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""][fusion_content_box title="How to configure a site-to-site VPN" backgroundcolor="" icon="" iconflip="" iconrotate="" iconspin="no" iconcolor="" circlecolor="" circlebordersize="" circlebordercolor="" outercirclebordersize="" outercirclebordercolor="" image="" image_id="" image_max_width="" link="" linktext="Read More" link_target="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_content_box][/fusion_content_boxes][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_text][/fusion_builder_column][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_widget_area name="avada-blog-sidebar" title_size="" title_color="" background_color="" padding_top="" padding_right="" padding_bottom="" padding_left="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" /][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33183255/Trx 21b5f50288da542f84c24549cdb690f430f9d973 |
View Raw JSON Data
{
"trx_id": "21b5f50288da542f84c24549cdb690f430f9d973",
"block": 33183255,
"trx_in_block": 15,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T08:33:36",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "How to configure a site-to-site VPN",
"body": "<p>[fusion_builder_container hundred_percent=\"no\" hundred_percent_height=\"no\" hundred_percent_height_scroll=\"no\" hundred_percent_height_center_content=\"yes\" equal_height_columns=\"no\" menu_anchor=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" status=\"published\" publish_date=\"\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_position=\"center center\" background_repeat=\"no-repeat\" fade=\"no\" background_parallax=\"none\" enable_mobile=\"no\" parallax_speed=\"0.3\" video_mp4=\"\" video_webm=\"\" video_ogv=\"\" video_url=\"\" video_aspect_ratio=\"16:9\" video_loop=\"yes\" video_mute=\"yes\" video_preview_image=\"\" border_size=\"\" border_color=\"\" border_style=\"solid\" margin_top=\"\" margin_bottom=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\"][fusion_builder_row][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][fusion_builder_column type=\"2_3\" layout=\"2_3\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_content_boxes layout=\"icon-with-title\" columns=\"1\" title_size=\"20\" heading_size=\"2\" title_color=\"\" body_color=\"\" backgroundcolor=\"\" icon=\"fa-network-wired fas\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"#ff9800\" icon_circle=\"\" icon_circle_radius=\"\" circlecolor=\"\" circlebordersize=\"\" circlebordercolor=\"\" outercirclebordersize=\"\" outercirclebordercolor=\"\" icon_size=\"\" icon_hover_type=\"\" hover_accent_color=\"\" image=\"\" image_id=\"\" image_max_width=\"\" link_type=\"\" button_span=\"\" link_area=\"\" link_target=\"\" icon_align=\"left\" animation_type=\"\" animation_delay=\"\" animation_offset=\"\" animation_direction=\"left\" animation_speed=\"0.3\" margin_top=\"\" margin_bottom=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"][fusion_content_box title=\"How to configure a site-to-site VPN\" backgroundcolor=\"\" icon=\"\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"\" circlecolor=\"\" circlebordersize=\"\" circlebordercolor=\"\" outercirclebordersize=\"\" outercirclebordercolor=\"\" image=\"\" image_id=\"\" image_max_width=\"\" link=\"\" linktext=\"Read More\" link_target=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_content_box][/fusion_content_boxes][fusion_text columns=\"\" column_min_width=\"\" column_spacing=\"\" rule_style=\"default\" rule_size=\"\" rule_color=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_text][/fusion_builder_column][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_widget_area name=\"avada-blog-sidebar\" title_size=\"\" title_color=\"\" background_color=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" /][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}2019/05/24 08:31:18
2019/05/24 08:31:18
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | How to configure a site-to-site VPN |
| body | <p>[fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left=""][fusion_builder_row][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][fusion_builder_column type="2_3" layout="2_3" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_content_boxes layout="icon-with-title" columns="1" title_size="" heading_size="2" title_color="" body_color="" backgroundcolor="" icon="fa-network-wired fas" iconflip="" iconrotate="" iconspin="no" iconcolor="#ff9800" icon_circle="" icon_circle_radius="" circlecolor="" circlebordersize="" circlebordercolor="" outercirclebordersize="" outercirclebordercolor="" icon_size="" icon_hover_type="" hover_accent_color="" image="" image_id="" image_max_width="" link_type="" button_span="" link_area="" link_target="" icon_align="left" animation_type="" animation_delay="" animation_offset="" animation_direction="left" animation_speed="0.3" margin_top="" margin_bottom="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""][fusion_content_box title="How to configure a site-to-site VPN" backgroundcolor="" icon="" iconflip="" iconrotate="" iconspin="no" iconcolor="" circlecolor="" circlebordersize="" circlebordercolor="" outercirclebordersize="" outercirclebordercolor="" image="" image_id="" image_max_width="" link="" linktext="Read More" link_target="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_content_box][/fusion_content_boxes][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_text][/fusion_builder_column][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_widget_area name="avada-blog-sidebar" title_size="" title_color="" background_color="" padding_top="" padding_right="" padding_bottom="" padding_left="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" /][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33183209/Trx 7db81500a38b5853152b41a75594d5170aeca9ac |
View Raw JSON Data
{
"trx_id": "7db81500a38b5853152b41a75594d5170aeca9ac",
"block": 33183209,
"trx_in_block": 3,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T08:31:18",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "How to configure a site-to-site VPN",
"body": "<p>[fusion_builder_container hundred_percent=\"no\" hundred_percent_height=\"no\" hundred_percent_height_scroll=\"no\" hundred_percent_height_center_content=\"yes\" equal_height_columns=\"no\" menu_anchor=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" status=\"published\" publish_date=\"\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_position=\"center center\" background_repeat=\"no-repeat\" fade=\"no\" background_parallax=\"none\" enable_mobile=\"no\" parallax_speed=\"0.3\" video_mp4=\"\" video_webm=\"\" video_ogv=\"\" video_url=\"\" video_aspect_ratio=\"16:9\" video_loop=\"yes\" video_mute=\"yes\" video_preview_image=\"\" border_size=\"\" border_color=\"\" border_style=\"solid\" margin_top=\"\" margin_bottom=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\"][fusion_builder_row][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][fusion_builder_column type=\"2_3\" layout=\"2_3\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_content_boxes layout=\"icon-with-title\" columns=\"1\" title_size=\"\" heading_size=\"2\" title_color=\"\" body_color=\"\" backgroundcolor=\"\" icon=\"fa-network-wired fas\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"#ff9800\" icon_circle=\"\" icon_circle_radius=\"\" circlecolor=\"\" circlebordersize=\"\" circlebordercolor=\"\" outercirclebordersize=\"\" outercirclebordercolor=\"\" icon_size=\"\" icon_hover_type=\"\" hover_accent_color=\"\" image=\"\" image_id=\"\" image_max_width=\"\" link_type=\"\" button_span=\"\" link_area=\"\" link_target=\"\" icon_align=\"left\" animation_type=\"\" animation_delay=\"\" animation_offset=\"\" animation_direction=\"left\" animation_speed=\"0.3\" margin_top=\"\" margin_bottom=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"][fusion_content_box title=\"How to configure a site-to-site VPN\" backgroundcolor=\"\" icon=\"\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"\" circlecolor=\"\" circlebordersize=\"\" circlebordercolor=\"\" outercirclebordersize=\"\" outercirclebordercolor=\"\" image=\"\" image_id=\"\" image_max_width=\"\" link=\"\" linktext=\"Read More\" link_target=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_content_box][/fusion_content_boxes][fusion_text columns=\"\" column_min_width=\"\" column_spacing=\"\" rule_style=\"default\" rule_size=\"\" rule_color=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_text][/fusion_builder_column][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_widget_area name=\"avada-blog-sidebar\" title_size=\"\" title_color=\"\" background_color=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" /][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}2019/05/24 08:12:12
2019/05/24 08:12:12
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | SonicWall's firewalls come licensed for multiple site-to-site vpn connections. |
| body | <p>[fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left=""][fusion_builder_row][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][fusion_builder_column type="2_3" layout="2_3" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_content_boxes layout="icon-with-title" columns="1" title_size="" heading_size="2" title_color="" body_color="" backgroundcolor="" icon="fa-network-wired fas" iconflip="" iconrotate="" iconspin="no" iconcolor="#ff9800" icon_circle="" icon_circle_radius="" circlecolor="" circlebordersize="" circlebordercolor="" outercirclebordersize="" outercirclebordercolor="" icon_size="" icon_hover_type="" hover_accent_color="" image="" image_id="" image_max_width="" link_type="" button_span="" link_area="" link_target="" icon_align="left" animation_type="" animation_delay="" animation_offset="" animation_direction="left" animation_speed="0.3" margin_top="" margin_bottom="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""][fusion_content_box title="" backgroundcolor="" icon="" iconflip="" iconrotate="" iconspin="no" iconcolor="" circlecolor="" circlebordersize="" circlebordercolor="" outercirclebordersize="" outercirclebordercolor="" image="" image_id="" image_max_width="" link="" linktext="Read More" link_target="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_content_box][/fusion_content_boxes][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_text][/fusion_builder_column][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_widget_area name="avada-blog-sidebar" title_size="" title_color="" background_color="" padding_top="" padding_right="" padding_bottom="" padding_left="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" /][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33182827/Trx 20467e8b129da32f36430c011d09c362fe2bee13 |
View Raw JSON Data
{
"trx_id": "20467e8b129da32f36430c011d09c362fe2bee13",
"block": 33182827,
"trx_in_block": 1,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T08:12:12",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "SonicWall's firewalls come licensed for multiple site-to-site vpn connections.",
"body": "<p>[fusion_builder_container hundred_percent=\"no\" hundred_percent_height=\"no\" hundred_percent_height_scroll=\"no\" hundred_percent_height_center_content=\"yes\" equal_height_columns=\"no\" menu_anchor=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" status=\"published\" publish_date=\"\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_position=\"center center\" background_repeat=\"no-repeat\" fade=\"no\" background_parallax=\"none\" enable_mobile=\"no\" parallax_speed=\"0.3\" video_mp4=\"\" video_webm=\"\" video_ogv=\"\" video_url=\"\" video_aspect_ratio=\"16:9\" video_loop=\"yes\" video_mute=\"yes\" video_preview_image=\"\" border_size=\"\" border_color=\"\" border_style=\"solid\" margin_top=\"\" margin_bottom=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\"][fusion_builder_row][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][fusion_builder_column type=\"2_3\" layout=\"2_3\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_content_boxes layout=\"icon-with-title\" columns=\"1\" title_size=\"\" heading_size=\"2\" title_color=\"\" body_color=\"\" backgroundcolor=\"\" icon=\"fa-network-wired fas\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"#ff9800\" icon_circle=\"\" icon_circle_radius=\"\" circlecolor=\"\" circlebordersize=\"\" circlebordercolor=\"\" outercirclebordersize=\"\" outercirclebordercolor=\"\" icon_size=\"\" icon_hover_type=\"\" hover_accent_color=\"\" image=\"\" image_id=\"\" image_max_width=\"\" link_type=\"\" button_span=\"\" link_area=\"\" link_target=\"\" icon_align=\"left\" animation_type=\"\" animation_delay=\"\" animation_offset=\"\" animation_direction=\"left\" animation_speed=\"0.3\" margin_top=\"\" margin_bottom=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"][fusion_content_box title=\"\" backgroundcolor=\"\" icon=\"\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"\" circlecolor=\"\" circlebordersize=\"\" circlebordercolor=\"\" outercirclebordersize=\"\" outercirclebordercolor=\"\" image=\"\" image_id=\"\" image_max_width=\"\" link=\"\" linktext=\"Read More\" link_target=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_content_box][/fusion_content_boxes][fusion_text columns=\"\" column_min_width=\"\" column_spacing=\"\" rule_style=\"default\" rule_size=\"\" rule_color=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_text][/fusion_builder_column][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_widget_area name=\"avada-blog-sidebar\" title_size=\"\" title_color=\"\" background_color=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" /][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}2019/05/24 08:04:06
2019/05/24 08:04:06
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | SonicWall's firewalls come licensed for multiple site-to-site vpn connections. |
| body | <p>[fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left=""][fusion_builder_row][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][fusion_builder_column type="2_3" layout="2_3" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_content_boxes layout="icon-with-title" columns="1" title_size="" heading_size="2" title_color="" body_color="" backgroundcolor="" icon="fa-network-wired fas" iconflip="" iconrotate="" iconspin="no" iconcolor="#ff9800" icon_circle="" icon_circle_radius="" circlecolor="" circlebordersize="" circlebordercolor="" outercirclebordersize="" outercirclebordercolor="" icon_size="" icon_hover_type="" hover_accent_color="" image="" image_id="" image_max_width="" link_type="" button_span="" link_area="" link_target="" icon_align="left" animation_type="" animation_delay="" animation_offset="" animation_direction="left" animation_speed="0.3" margin_top="" margin_bottom="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""][fusion_content_box title="" backgroundcolor="" icon="" iconflip="" iconrotate="" iconspin="no" iconcolor="" circlecolor="" circlebordersize="" circlebordercolor="" outercirclebordersize="" outercirclebordercolor="" image="" image_id="" image_max_width="" link="" linktext="Read More" link_target="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_content_box][/fusion_content_boxes][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_text][/fusion_builder_column][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33182665/Trx 9274740adb025517546ff9cd48f28f950f10373a |
View Raw JSON Data
{
"trx_id": "9274740adb025517546ff9cd48f28f950f10373a",
"block": 33182665,
"trx_in_block": 16,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T08:04:06",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "SonicWall's firewalls come licensed for multiple site-to-site vpn connections.",
"body": "<p>[fusion_builder_container hundred_percent=\"no\" hundred_percent_height=\"no\" hundred_percent_height_scroll=\"no\" hundred_percent_height_center_content=\"yes\" equal_height_columns=\"no\" menu_anchor=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" status=\"published\" publish_date=\"\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_position=\"center center\" background_repeat=\"no-repeat\" fade=\"no\" background_parallax=\"none\" enable_mobile=\"no\" parallax_speed=\"0.3\" video_mp4=\"\" video_webm=\"\" video_ogv=\"\" video_url=\"\" video_aspect_ratio=\"16:9\" video_loop=\"yes\" video_mute=\"yes\" video_preview_image=\"\" border_size=\"\" border_color=\"\" border_style=\"solid\" margin_top=\"\" margin_bottom=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\"][fusion_builder_row][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][fusion_builder_column type=\"2_3\" layout=\"2_3\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_content_boxes layout=\"icon-with-title\" columns=\"1\" title_size=\"\" heading_size=\"2\" title_color=\"\" body_color=\"\" backgroundcolor=\"\" icon=\"fa-network-wired fas\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"#ff9800\" icon_circle=\"\" icon_circle_radius=\"\" circlecolor=\"\" circlebordersize=\"\" circlebordercolor=\"\" outercirclebordersize=\"\" outercirclebordercolor=\"\" icon_size=\"\" icon_hover_type=\"\" hover_accent_color=\"\" image=\"\" image_id=\"\" image_max_width=\"\" link_type=\"\" button_span=\"\" link_area=\"\" link_target=\"\" icon_align=\"left\" animation_type=\"\" animation_delay=\"\" animation_offset=\"\" animation_direction=\"left\" animation_speed=\"0.3\" margin_top=\"\" margin_bottom=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"][fusion_content_box title=\"\" backgroundcolor=\"\" icon=\"\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"\" circlecolor=\"\" circlebordersize=\"\" circlebordercolor=\"\" outercirclebordersize=\"\" outercirclebordercolor=\"\" image=\"\" image_id=\"\" image_max_width=\"\" link=\"\" linktext=\"Read More\" link_target=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_content_box][/fusion_content_boxes][fusion_text columns=\"\" column_min_width=\"\" column_spacing=\"\" rule_style=\"default\" rule_size=\"\" rule_color=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_text][/fusion_builder_column][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}2019/05/24 08:01:18
2019/05/24 08:01:18
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | SonicWall's firewalls come licensed for multiple site-to-site vpn connections. |
| body | <p>[fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left=""][fusion_builder_row][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][fusion_builder_column type="2_3" layout="2_3" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_content_boxes layout="icon-with-title" columns="1" title_size="" heading_size="2" title_color="" body_color="" backgroundcolor="" icon="fa-network-wired fas" iconflip="" iconrotate="" iconspin="no" iconcolor="#ff9800" icon_circle="" icon_circle_radius="" circlecolor="" circlebordersize="" circlebordercolor="" outercirclebordersize="" outercirclebordercolor="" icon_size="" icon_hover_type="" hover_accent_color="" image="" image_id="" image_max_width="" link_type="" button_span="" link_area="" link_target="" icon_align="left" animation_type="" animation_delay="" animation_offset="" animation_direction="left" animation_speed="0.3" margin_top="" margin_bottom="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""][fusion_content_box title="Your Content Goes Here" backgroundcolor="" icon="" iconflip="" iconrotate="" iconspin="no" iconcolor="" circlecolor="" circlebordercolor="" image="" image_width="" image_height="" link="" linktext="Read More" linktarget="default" animation_type="" animation_direction="left" animation_speed="0.3" ]Your Content Goes Here[/fusion_content_box][/fusion_content_boxes][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_text][/fusion_builder_column][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33182609/Trx 2f4b5e8781afd64856d8ee660653d0a296ef3c1f |
View Raw JSON Data
{
"trx_id": "2f4b5e8781afd64856d8ee660653d0a296ef3c1f",
"block": 33182609,
"trx_in_block": 20,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T08:01:18",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "SonicWall's firewalls come licensed for multiple site-to-site vpn connections.",
"body": "<p>[fusion_builder_container hundred_percent=\"no\" hundred_percent_height=\"no\" hundred_percent_height_scroll=\"no\" hundred_percent_height_center_content=\"yes\" equal_height_columns=\"no\" menu_anchor=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" status=\"published\" publish_date=\"\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_position=\"center center\" background_repeat=\"no-repeat\" fade=\"no\" background_parallax=\"none\" enable_mobile=\"no\" parallax_speed=\"0.3\" video_mp4=\"\" video_webm=\"\" video_ogv=\"\" video_url=\"\" video_aspect_ratio=\"16:9\" video_loop=\"yes\" video_mute=\"yes\" video_preview_image=\"\" border_size=\"\" border_color=\"\" border_style=\"solid\" margin_top=\"\" margin_bottom=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\"][fusion_builder_row][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][fusion_builder_column type=\"2_3\" layout=\"2_3\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_content_boxes layout=\"icon-with-title\" columns=\"1\" title_size=\"\" heading_size=\"2\" title_color=\"\" body_color=\"\" backgroundcolor=\"\" icon=\"fa-network-wired fas\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"#ff9800\" icon_circle=\"\" icon_circle_radius=\"\" circlecolor=\"\" circlebordersize=\"\" circlebordercolor=\"\" outercirclebordersize=\"\" outercirclebordercolor=\"\" icon_size=\"\" icon_hover_type=\"\" hover_accent_color=\"\" image=\"\" image_id=\"\" image_max_width=\"\" link_type=\"\" button_span=\"\" link_area=\"\" link_target=\"\" icon_align=\"left\" animation_type=\"\" animation_delay=\"\" animation_offset=\"\" animation_direction=\"left\" animation_speed=\"0.3\" margin_top=\"\" margin_bottom=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"][fusion_content_box title=\"Your Content Goes Here\" backgroundcolor=\"\" icon=\"\" iconflip=\"\" iconrotate=\"\" iconspin=\"no\" iconcolor=\"\" circlecolor=\"\" circlebordercolor=\"\" image=\"\" image_width=\"\" image_height=\"\" link=\"\" linktext=\"Read More\" linktarget=\"default\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" ]Your Content Goes Here[/fusion_content_box][/fusion_content_boxes][fusion_text columns=\"\" column_min_width=\"\" column_spacing=\"\" rule_style=\"default\" rule_size=\"\" rule_color=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_text][/fusion_builder_column][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}2019/05/24 07:57:48
2019/05/24 07:57:48
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | SonicWall's firewalls come licensed for multiple site-to-site vpn connections. |
| body | <p>[fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left=""][fusion_builder_row][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][fusion_builder_column type="2_3" layout="2_3" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_text][/fusion_builder_column][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33182539/Trx 9b826efda7b4f80b925c89b7acd49a19a9d7f571 |
View Raw JSON Data
{
"trx_id": "9b826efda7b4f80b925c89b7acd49a19a9d7f571",
"block": 33182539,
"trx_in_block": 0,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T07:57:48",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "SonicWall's firewalls come licensed for multiple site-to-site vpn connections.",
"body": "<p>[fusion_builder_container hundred_percent=\"no\" hundred_percent_height=\"no\" hundred_percent_height_scroll=\"no\" hundred_percent_height_center_content=\"yes\" equal_height_columns=\"no\" menu_anchor=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" status=\"published\" publish_date=\"\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_position=\"center center\" background_repeat=\"no-repeat\" fade=\"no\" background_parallax=\"none\" enable_mobile=\"no\" parallax_speed=\"0.3\" video_mp4=\"\" video_webm=\"\" video_ogv=\"\" video_url=\"\" video_aspect_ratio=\"16:9\" video_loop=\"yes\" video_mute=\"yes\" video_preview_image=\"\" border_size=\"\" border_color=\"\" border_style=\"solid\" margin_top=\"\" margin_bottom=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\"][fusion_builder_row][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][fusion_builder_column type=\"2_3\" layout=\"2_3\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_text columns=\"\" column_min_width=\"\" column_spacing=\"\" rule_style=\"default\" rule_size=\"\" rule_color=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_text][/fusion_builder_column][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}2019/05/24 07:56:15
2019/05/24 07:56:15
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | SonicWall's firewalls come licensed for multiple site-to-site vpn connections. |
| body | <p>[fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left=""][fusion_builder_row][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][fusion_builder_column type="2_3" layout="2_3" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_text][/fusion_builder_column][fusion_builder_column type="1_6" layout="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33182508/Trx 9793cc7bc16c6ec14f7a8b195dae867913bda461 |
View Raw JSON Data
{
"trx_id": "9793cc7bc16c6ec14f7a8b195dae867913bda461",
"block": 33182508,
"trx_in_block": 23,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T07:56:15",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "SonicWall's firewalls come licensed for multiple site-to-site vpn connections.",
"body": "<p>[fusion_builder_container hundred_percent=\"no\" hundred_percent_height=\"no\" hundred_percent_height_scroll=\"no\" hundred_percent_height_center_content=\"yes\" equal_height_columns=\"no\" menu_anchor=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" status=\"published\" publish_date=\"\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_position=\"center center\" background_repeat=\"no-repeat\" fade=\"no\" background_parallax=\"none\" enable_mobile=\"no\" parallax_speed=\"0.3\" video_mp4=\"\" video_webm=\"\" video_ogv=\"\" video_url=\"\" video_aspect_ratio=\"16:9\" video_loop=\"yes\" video_mute=\"yes\" video_preview_image=\"\" border_size=\"\" border_color=\"\" border_style=\"solid\" margin_top=\"\" margin_bottom=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\"][fusion_builder_row][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][fusion_builder_column type=\"2_3\" layout=\"2_3\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_text columns=\"\" column_min_width=\"\" column_spacing=\"\" rule_style=\"default\" rule_size=\"\" rule_color=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_text][/fusion_builder_column][fusion_builder_column type=\"1_6\" layout=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}2019/05/24 07:09:36
2019/05/24 07:09:36
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | SonicWall's firewalls come licensed for multiple site-to-site vpn connections. |
| body | <p>[fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left=""][fusion_builder_row][fusion_builder_column type="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][fusion_builder_column type="2_3" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_text][/fusion_builder_column][fusion_builder_column type="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33181576/Trx b248aa8c33d8f4236dc3c41ddec31473b6046664 |
View Raw JSON Data
{
"trx_id": "b248aa8c33d8f4236dc3c41ddec31473b6046664",
"block": 33181576,
"trx_in_block": 24,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T07:09:36",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "SonicWall's firewalls come licensed for multiple site-to-site vpn connections.",
"body": "<p>[fusion_builder_container hundred_percent=\"no\" hundred_percent_height=\"no\" hundred_percent_height_scroll=\"no\" hundred_percent_height_center_content=\"yes\" equal_height_columns=\"no\" menu_anchor=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" status=\"published\" publish_date=\"\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_position=\"center center\" background_repeat=\"no-repeat\" fade=\"no\" background_parallax=\"none\" enable_mobile=\"no\" parallax_speed=\"0.3\" video_mp4=\"\" video_webm=\"\" video_ogv=\"\" video_url=\"\" video_aspect_ratio=\"16:9\" video_loop=\"yes\" video_mute=\"yes\" video_preview_image=\"\" border_size=\"\" border_color=\"\" border_style=\"solid\" margin_top=\"\" margin_bottom=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\"][fusion_builder_row][fusion_builder_column type=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][fusion_builder_column type=\"2_3\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_text columns=\"\" column_min_width=\"\" column_spacing=\"\" rule_style=\"default\" rule_size=\"\" rule_color=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_text][/fusion_builder_column][fusion_builder_column type=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}2019/05/24 07:07:45
2019/05/24 07:07:45
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | SonicWall's firewalls come licensed for multiple site-to-site vpn connections. |
| body | <p>[fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left=""][fusion_builder_row][fusion_builder_column type="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][fusion_builder_column type="2_3" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]</p> <p></p> <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p> </p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p> <p> </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p> </p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p> <p> </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p> </p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p> </p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p> </p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p> <p> </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p> </p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <p> </p> <ol> <li><strong>Configuration on the dynamic side (RA in my case)</strong></li> </ol> <p> </p> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p> </p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <p> d":5117} --></p> <img class="wp-image-5117" src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" /> <p> </p> <p>Click on Manage on the top menu</p> <p> d":5118} --></p> <img class="wp-image-5118" src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" /> <p> </p> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <p> d":5119} --></p> <img class="wp-image-5119" src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5120} --></p> <img class="wp-image-5120" src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" /> <p> </p> <p>Click on the Add button to add a new site-to-site VPN</p> <p> d":5121} --></p> <img class="wp-image-5121" src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" /> <p> </p> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <p> d":5122} --></p> <img class="wp-image-5122" src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" /> <p> </p> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5123} --></p> <img class="wp-image-5123" src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" /> <p> </p> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <p> d":5124} --></p> <img class="wp-image-5124" src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" /> <p> </p> <p>T</p> <p> </p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <p> d":5125} --></p> <img class="wp-image-5125" src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <p> d":5127} --></p> <img class="wp-image-5127" src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" /> <p> </p> <p>Now let's define the VPN negotiation parameters,</p> <p> </p> <p>Click on "Proposals" tab at the top</p> <p> d":5128} --></p> <img class="wp-image-5128" src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" /> <p> </p> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <p> d":5129} --></p> <img class="wp-image-5129" src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" /> <p> </p> <p>Click OK to complete adding the VPN.</p> <p> </p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p> </p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p> </p> <p>Login to the SonicWall interface with your administrator credentials</p> <p> d":5130} --></p> <img class="wp-image-5130" src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" /> <p> </p> <p>Click on "Manage" on the top menu</p> <p> d":5131} --></p> <img class="wp-image-5131" src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" /> <p> </p> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <p> d":5132} --></p> <img class="wp-image-5132" src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" /> <p> </p> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <p> d":5133} --></p> <img class="wp-image-5133" src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" /> <p> </p> <p>Click on the "Add" button to add a new site-to-site VPN</p> <p> d":5134} --></p> <img class="wp-image-5134" src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" /> <p> </p> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p> </p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <p> d":5136} --></p> <img class="wp-image-5136" src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" /> <p> </p> <p>Click on "Network" tab at the top</p> <p> d":5137} --></p> <img class="wp-image-5137" src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" /> <p> </p> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p> </p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network</p> <p> d":5138} --></p> <img class="wp-image-5138" src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <p> d":5139} --></p> <img class="wp-image-5139" src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" /> <p> </p> <p>Once the "Add address Object" dialog opens,</p> <p> </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask</p> <p> d":5140} --></p> <img class="wp-image-5140" src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" /> <p> </p> <p>Click "Ok" to finish adding the object.</p> <p> </p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <p> d":5141} --></p> <img class="wp-image-5141" src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" /> <p> </p> <p>Click "Ok" to complete adding the VPN link</p> <p> </p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <p> d":5142} --></p> <img class="wp-image-5142" src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" /> <p></p> <p>[/fusion_text][/fusion_builder_column][fusion_builder_column type="1_6" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33181539/Trx c1b5eb276f11df1cc920192427bceefa6a607cdc |
View Raw JSON Data
{
"trx_id": "c1b5eb276f11df1cc920192427bceefa6a607cdc",
"block": 33181539,
"trx_in_block": 28,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T07:07:45",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "SonicWall's firewalls come licensed for multiple site-to-site vpn connections.",
"body": "<p>[fusion_builder_container hundred_percent=\"no\" hundred_percent_height=\"no\" hundred_percent_height_scroll=\"no\" hundred_percent_height_center_content=\"yes\" equal_height_columns=\"no\" menu_anchor=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" status=\"published\" publish_date=\"\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_position=\"center center\" background_repeat=\"no-repeat\" fade=\"no\" background_parallax=\"none\" enable_mobile=\"no\" parallax_speed=\"0.3\" video_mp4=\"\" video_webm=\"\" video_ogv=\"\" video_url=\"\" video_aspect_ratio=\"16:9\" video_loop=\"yes\" video_mute=\"yes\" video_preview_image=\"\" border_size=\"\" border_color=\"\" border_style=\"solid\" margin_top=\"\" margin_bottom=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\"][fusion_builder_row][fusion_builder_column type=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][fusion_builder_column type=\"2_3\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][fusion_text columns=\"\" column_min_width=\"\" column_spacing=\"\" rule_style=\"default\" rule_size=\"\" rule_color=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\"]</p>\r\n<p></p>\r\n<p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p>\r\n<p>\r\n\r\n</p>\r\n<p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p>\r\n<p>\r\n\r\n</p>\r\n<p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses.</p>\r\n<p>\r\n\r\n</p>\r\n<p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n<p>\r\n\r\n</p>\r\n<ol>\r\n<li><strong>Configuration on the dynamic side (RA in my case)</strong></li>\r\n</ol>\r\n<p>\r\n\r\n</p>\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall firewall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5117} --></p>\r\n<img class=\"wp-image-5117\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on Manage on the top menu</p>\r\n<p>\r\n\r\nd\":5118} --></p>\r\n<img class=\"wp-image-5118\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on VPN on the left-hand side menu and then click on Basic Settings</p>\r\n<p>\r\n\r\nd\":5119} --></p>\r\n<img class=\"wp-image-5119\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5120} --></p>\r\n<img class=\"wp-image-5120\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5121} --></p>\r\n<img class=\"wp-image-5121\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field enter the static public IP address or host name of the other end of the VPN, on the \"Local IKE ID\" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the \"Peer IKE ID\" field I am going to use the remote SonicWall (RA in this case) static public IP</p>\r\n<p>\r\n\r\nd\":5122} --></p>\r\n<img class=\"wp-image-5122\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5123} --></p>\r\n<img class=\"wp-image-5123\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network\" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p>\r\n<p>\r\n\r\nd\":5124} --></p>\r\n<img class=\"wp-image-5124\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>T</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" , I will chose \"Create new address object...\" since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p>\r\n<p>\r\n\r\nd\":5125} --></p>\r\n<img class=\"wp-image-5125\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for RA's remote server, on the \"Zone Assignment\" field, select VPN , since this server can be only reached over the VPN link, on the \"IP Address\" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\nd\":5127} --></p>\r\n<img class=\"wp-image-5127\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n<p>\r\n\r\nd\":5128} --></p>\r\n<img class=\"wp-image-5128\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the exchange field, select \"Aggressive mode\", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p>\r\n<p>\r\n\r\nd\":5129} --></p>\r\n<img class=\"wp-image-5129\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click OK to complete adding the VPN.</p>\r\n<p>\r\n\r\n</p>\r\n<p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p>\r\n<p>\r\n\r\n</p>\r\n<p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p>\r\n<p>\r\n\r\n</p>\r\n<p>Login to the SonicWall interface with your administrator credentials</p>\r\n<p>\r\n\r\nd\":5130} --></p>\r\n<img class=\"wp-image-5130\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Manage\" on the top menu</p>\r\n<p>\r\n\r\nd\":5131} --></p>\r\n<img class=\"wp-image-5131\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"VPN\" on the left-hand side menu and then click on \"Basic Settings\"</p>\r\n<p>\r\n\r\nd\":5132} --></p>\r\n<img class=\"wp-image-5132\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p>\r\n<p>\r\n\r\nd\":5133} --></p>\r\n<img class=\"wp-image-5133\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on the \"Add\" button to add a new site-to-site VPN</p>\r\n<p>\r\n\r\nd\":5134} --></p>\r\n<img class=\"wp-image-5134\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>On the Dialog, on the \"General\" screen you will be able to configure the basics of your vpn connection</p>\r\n<p>\r\n\r\n</p>\r\n<p>On the Field \"Name\", enter a friendly name for the VPN connection, on the \"Shared Secret\" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the \"IPsec Primary Gateway Name or Address\" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the \"Local IKE ID\" field we would enter the SonicWall’s (RA in this case) static public IP, on the \"Peer IKE ID\" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device \"knows\" how to handle the routing:</p>\r\n<p>\r\n\r\nd\":5136} --></p>\r\n<img class=\"wp-image-5136\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click on \"Network\" tab at the top</p>\r\n<p>\r\n\r\nd\":5137} --></p>\r\n<img class=\"wp-image-5137\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose local network”, I will choose \"Create new address object...\" since I just want to allow access to one server located at the RA site.</p>\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens, type a friendly name for the server we want to allow access to, on the \"Zone Assignment\" field, select LAN , since this server is located on the local area network at RA, on the \"Type\" field, select \"Host\" since I just one server to be accessible, on the \"IP Address\" field, enter the local server's internal IP address on RA's local area network</p>\r\n<p>\r\n\r\nd\":5138} --></p>\r\n<img class=\"wp-image-5138\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>For the field \"Choose destination network from the list\" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p>\r\n<p>\r\n\r\nd\":5139} --></p>\r\n<img class=\"wp-image-5139\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Once the \"Add address Object\" dialog opens,</p>\r\n<p>\r\n\r\n</p>\r\n<p>Type a friendly name for QUERETARO's network we want to allow access, on the \"Zone Assignment\" field, select VPN, n the \"Type\" field, select \"Network\" since we want all the computers on QUERETARO to have access, on the \"Network\" field, enter QUERETARO's local area network, on the \"Netmask\" field, enter QUERETARO's local area network mask</p>\r\n<p>\r\n\r\nd\":5140} --></p>\r\n<img class=\"wp-image-5140\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n<p>\r\n\r\n</p>\r\n<p>On \"Proposals\", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the \"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n<p>\r\n\r\nd\":5141} --></p>\r\n<img class=\"wp-image-5141\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" />\r\n<p>\r\n\r\n</p>\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n<p>\r\n\r\n</p>\r\n<p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p>\r\n<p>\r\n\r\nd\":5142} --></p>\r\n<img class=\"wp-image-5142\" src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" />\r\n<p></p>\r\n<p>[/fusion_text][/fusion_builder_column][fusion_builder_column type=\"1_6\" spacing=\"\" center_content=\"no\" link=\"\" target=\"_self\" min_height=\"\" hide_on_mobile=\"small-visibility,medium-visibility,large-visibility\" class=\"\" id=\"\" background_color=\"\" background_image=\"\" background_image_id=\"\" background_position=\"left top\" background_repeat=\"no-repeat\" hover_type=\"none\" border_size=\"0\" border_color=\"\" border_style=\"solid\" border_position=\"all\" border_radius=\"\" box_shadow=\"no\" dimension_box_shadow=\"\" box_shadow_blur=\"0\" box_shadow_spread=\"0\" box_shadow_color=\"\" box_shadow_style=\"\" padding_top=\"\" padding_right=\"\" padding_bottom=\"\" padding_left=\"\" margin_top=\"\" margin_bottom=\"\" animation_type=\"\" animation_direction=\"left\" animation_speed=\"0.3\" animation_offset=\"\" last=\"no\"][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}2019/05/24 06:54:00
2019/05/24 06:54:00
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | SonicWall's firewalls come licensed for multiple site-to-site vpn connections. |
| body | <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link. </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN. </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses. </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <ol><li><strong>Configuration on the dynamic side (RA in my case)</strong></li></ol> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> d":5117} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" class="wp-image-5117"/> <p>Click on Manage on the top menu</p> d":5118} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" class="wp-image-5118"/> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> d":5119} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" class="wp-image-5119"/> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> d":5120} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" class="wp-image-5120"/> <p>Click on the Add button to add a new site-to-site VPN</p> d":5121} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" class="wp-image-5121"/> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> d":5122} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" class="wp-image-5122"/> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p>Click on "Network" tab at the top</p> d":5123} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" class="wp-image-5123"/> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> d":5124} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" class="wp-image-5124"/> <p>T</p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> d":5125} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" class="wp-image-5125"/> <p>Once the "Add address Object" dialog opens, </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> d":5127} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" class="wp-image-5127"/> <p>Now let's define the VPN negotiation parameters,</p> <p>Click on "Proposals" tab at the top</p> d":5128} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" class="wp-image-5128"/> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> d":5129} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" class="wp-image-5129"/> <p>Click OK to complete adding the VPN.</p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p>Login to the SonicWall interface with your administrator credentials</p> d":5130} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" class="wp-image-5130"/> <p>Click on "Manage" on the top menu</p> d":5131} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" class="wp-image-5131"/> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> d":5132} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" class="wp-image-5132"/> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> d":5133} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" class="wp-image-5133"/> <p>Click on the "Add" button to add a new site-to-site VPN</p> d":5134} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" class="wp-image-5134"/> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> d":5136} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" class="wp-image-5136"/> <p>Click on "Network" tab at the top</p> d":5137} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" class="wp-image-5137"/> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network </p> d":5138} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" class="wp-image-5138"/> <p>Click "Ok" to finish adding the object.</p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> d":5139} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" class="wp-image-5139"/> <p>Once the "Add address Object" dialog opens, </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask </p> d":5140} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" class="wp-image-5140"/> <p>Click "Ok" to finish adding the object.</p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> d":5141} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" class="wp-image-5141"/> <p>Click "Ok" to complete adding the VPN link</p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> d":5142} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" class="wp-image-5142"/> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33181264/Trx fbddf944561ed0313af7f50a6a66bb69979c33a4 |
View Raw JSON Data
{
"trx_id": "fbddf944561ed0313af7f50a6a66bb69979c33a4",
"block": 33181264,
"trx_in_block": 9,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T06:54:00",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "SonicWall's firewalls come licensed for multiple site-to-site vpn connections.",
"body": "\r\n<p>A site-to-site VPN connection lets branch offices use\r\nthe Internet as a conduit for accessing the main office's intranet. A\r\nsite-to-site VPN allows offices in multiple fixed locations to establish secure\r\nconnections with each other over a public network such as the Internet.</p>\r\n\r\n\r\n\r\n<p>In this video I will show you how to correctly and\r\nsecurely interconnect two remote locations to enable remote users to securely\r\nuse a single server over an aggressive VPN link. </p>\r\n\r\n\r\n\r\n<p>In the process of planning your site to site VPN\r\nimplementation, you will have to ask yourself a few questions:</p>\r\n\r\n\r\n\r\n<p>1 - Does one or both ends of has a dynamic public IP address?\r\nIf so, you will have to use an aggressive mode VPN. </p>\r\n\r\n\r\n\r\n<p>2 - Does both ends of the VPN connection have similar\r\nbrand VPN routers (similar encryption options, if not you will have to decide\r\non the device's matching options?)</p>\r\n\r\n\r\n\r\n<p>In Main mode, the Phase 1 parameters are exchanged in\r\nmultiple rounds with encrypted authentication information</p>\r\n\r\n\r\n\r\n<p>In Aggressive mode, the Phase 1 parameters are\r\nexchanged in a single message with unencrypted authentication information.</p>\r\n\r\n\r\n\r\n<p>Main mode is more secure. Aggressive mode might not be\r\nas secure as Main mode, but it is faster than Main mode. Aggressive mode is\r\ntypically used for remote access VPNs or if one or both peers have dynamic\r\nexternal IP addresses. </p>\r\n\r\n\r\n\r\n<p>In this case we will have to use an aggressive VPN\r\nconnection since one of my branch offices (in QUERETARO) does not have a static\r\npublic IP address.</p>\r\n\r\n\r\n\r\n<p>Since we will be configuring 2 SonicWall Devices,\r\nlet's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n\r\n\r\n\r\n<ol><li><strong>Configuration on the dynamic side (RA in my case)</strong></li></ol>\r\n\r\n\r\n\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n\r\n\r\n\r\n<p>Login to the SonicWall firewall interface with your\r\nadministrator credentials</p>\r\n\r\n\r\nd\":5117} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" class=\"wp-image-5117\"/>\r\n\r\n\r\n\r\n<p>Click on Manage on the top menu</p>\r\n\r\n\r\nd\":5118} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" class=\"wp-image-5118\"/>\r\n\r\n\r\n\r\n<p>Click on VPN on the left-hand side menu and then click\r\non Basic Settings</p>\r\n\r\n\r\nd\":5119} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" class=\"wp-image-5119\"/>\r\n\r\n\r\n\r\n<p>On the next screen you will find the already\r\nconfigured VPN connections and you will be able to add a new one,</p>\r\n\r\n\r\nd\":5120} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" class=\"wp-image-5120\"/>\r\n\r\n\r\n\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n\r\n\r\nd\":5121} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" class=\"wp-image-5121\"/>\r\n\r\n\r\n\r\n<p>On the Dialog, on the General tab you will be able to\r\nconfigure the basics of your vpn connection, on the Field Name, enter a\r\nfriendly name for the VPN connection, I will use RA for mine, in the\r\n\"Shared Secret\" field, enter the secret password required to\r\nauthenticate both ends of the vpn link and confirm the secret on the below\r\nfield, on the \"IPsec Primary Gateway Name or Address\" field enter the\r\nstatic public IP address or host name of the other end of the VPN, on the\r\n\"Local IKE ID\" field we would select Firewall identifier since the\r\nlocal SonicWall does not have a static IP or host name I can use on the\r\n\"Peer IKE ID\" field I am going to use the remote SonicWall (RA in\r\nthis case) static public IP</p>\r\n\r\n\r\nd\":5122} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" class=\"wp-image-5122\"/>\r\n\r\n\r\n\r\n<p>Now let's proceed to define the local and remote\r\nnetworks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall\r\ndevice \"knows\" how to handle the routing</p>\r\n\r\n\r\n\r\n<p>Click on \"Network\" tab at the top</p>\r\n\r\n\r\nd\":5123} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" class=\"wp-image-5123\"/>\r\n\r\n\r\n\r\n<p>For the field \"Choose local network\" I am\r\ngoing to select the LAN subnet since I want all computers in QUERETARO to have\r\naccess to RA's remote server over the VPN link</p>\r\n\r\n\r\nd\":5124} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" class=\"wp-image-5124\"/>\r\n\r\n\r\n\r\n<p>T</p>\r\n\r\n\r\n\r\n<p>For the field \"Choose destination network from\r\nthe list\" , I will chose \"Create new address object...\" since I\r\njust want to allow access to one server located at the RA site, we need to\r\ndefine its IP address on the remote network so the SonicWall knows how to do\r\nthe routing</p>\r\n\r\n\r\nd\":5125} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" class=\"wp-image-5125\"/>\r\n\r\n\r\n\r\n<p>Once the \"Add address Object\" dialog opens, </p>\r\n\r\n\r\n\r\n<p>Type a friendly name for RA's remote server, on the\r\n\"Zone Assignment\" field, select VPN , since this server can be only\r\nreached over the VPN link, on the \"IP Address\" field, enter the remote\r\nserver's internal IP address on RA's remote local area network, once fulfill\r\nall the information requested Click \"Ok\" to finish adding the object.</p>\r\n\r\n\r\nd\":5127} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" class=\"wp-image-5127\"/>\r\n\r\n\r\n\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n\r\n\r\n\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n\r\n\r\nd\":5128} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" class=\"wp-image-5128\"/>\r\n\r\n\r\n\r\n<p>For the exchange field, select \"Aggressive\r\nmode\", all de other fields we can define the specifics of the link\r\nnegotiation, but most importantly, they need to be the same in both ends of the\r\nVPN</p>\r\n\r\n\r\nd\":5129} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" class=\"wp-image-5129\"/>\r\n\r\n\r\n\r\n<p>Click OK to complete adding the VPN.</p>\r\n\r\n\r\n\r\n<p><strong>2 – Let’s connect to the other\r\nSonicWall device, the static IP (RA side on my case)</strong></p>\r\n\r\n\r\n\r\n<p>Now let's connect to RA's SonicWall and configure the\r\nVPN on that side, the steps are similar</p>\r\n\r\n\r\n\r\n<p>Login to the SonicWall interface with your\r\nadministrator credentials</p>\r\n\r\n\r\nd\":5130} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" class=\"wp-image-5130\"/>\r\n\r\n\r\n\r\n<p>Click on \"Manage\" on the top menu</p>\r\n\r\n\r\nd\":5131} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" class=\"wp-image-5131\"/>\r\n\r\n\r\n\r\n<p>Click on \"VPN\" on the left-hand side menu and\r\nthen click on \"Basic Settings\"</p>\r\n\r\n\r\nd\":5132} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" class=\"wp-image-5132\"/>\r\n\r\n\r\n\r\n<p>On the next screen you will find the already\r\nconfigured VPN connections and you will be able to add a new one,</p>\r\n\r\n\r\nd\":5133} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" class=\"wp-image-5133\"/>\r\n\r\n\r\n\r\n<p>Click on the \"Add\" button to add a new\r\nsite-to-site VPN</p>\r\n\r\n\r\nd\":5134} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" class=\"wp-image-5134\"/>\r\n\r\n\r\n\r\n<p>On the Dialog, on the \"General\" screen you\r\nwill be able to configure the basics of your vpn connection</p>\r\n\r\n\r\n\r\n<p>On the Field \"Name\", enter a friendly name\r\nfor the VPN connection, on the \"Shared Secret\" field, enter the\r\nsecret password required to authenticate both ends of the vpn link and confirm\r\nthe secret on the below field, on the \"IPsec Primary Gateway Name or\r\nAddress\" field leave it at 0.0.0.0 since the other end has a dynamic IP\r\naddress, on the \"Local IKE ID\" field we would enter the SonicWall’s\r\n(RA in this case) static public IP, on the \"Peer IKE ID\" field I am\r\ngoing to use the remote(QUERETARO) Firewall identifier since the remote does\r\nnot have a static IP or host name I could use ow let's proceed to define the\r\nlocal and remote networks for RA's side of the VPN, this is necessary to ensure\r\nthe SonicWall device \"knows\" how to handle the routing:</p>\r\n\r\n\r\nd\":5136} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" class=\"wp-image-5136\"/>\r\n\r\n\r\n\r\n<p>Click on \"Network\" tab at the top</p>\r\n\r\n\r\nd\":5137} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" class=\"wp-image-5137\"/>\r\n\r\n\r\n\r\n<p>For the field \"Choose local network”, I will choose\r\n\"Create new address object...\" since I just want to allow access to\r\none server located at the RA site.</p>\r\n\r\n\r\n\r\n<p>Once the \"Add address Object\" dialog opens, type\r\na friendly name for the server we want to allow access to, on the \"Zone\r\nAssignment\" field, select LAN , since this server is located on the local\r\narea network at RA, on the \"Type\" field, select \"Host\"\r\nsince I just one server to be accessible, on the \"IP Address\" field,\r\nenter the local server's internal IP\r\naddress on RA's local area network </p>\r\n\r\n\r\nd\":5138} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" class=\"wp-image-5138\"/>\r\n\r\n\r\n\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n\r\n\r\n\r\n<p>For the field \"Choose destination network from\r\nthe list\" we will create another Address Object representing QUERETARO's\r\nlocal area ip range since we want all the computers on that site to have access\r\nto RA's server over the VPN link</p>\r\n\r\n\r\nd\":5139} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" class=\"wp-image-5139\"/>\r\n\r\n\r\n\r\n<p>Once the \"Add address Object\" dialog opens, </p>\r\n\r\n\r\n\r\n<p>Type a friendly name for QUERETARO's network we want\r\nto allow access, on the \"Zone Assignment\" field, select VPN, n the\r\n\"Type\" field, select \"Network\" since we want all the\r\ncomputers on QUERETARO to have access, on the \"Network\" field, enter\r\nQUERETARO's local area network, on the \"Netmask\" field, enter\r\nQUERETARO's local area network mask </p>\r\n\r\n\r\nd\":5140} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" class=\"wp-image-5140\"/>\r\n\r\n\r\n\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n\r\n\r\n\r\n<p>On \"Proposals\", make sure you have the same negotiation\r\nparameters we defined on the QUERETARO side and specially that the\r\n\"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n\r\n\r\nd\":5141} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" class=\"wp-image-5141\"/>\r\n\r\n\r\n\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n\r\n\r\n\r\n<p>The connection process will take place and you will\r\nsee a green indicator on the RA network and you should be able to ping and\r\naccess the provisioned server over the\r\nVPN link.</p>\r\n\r\n\r\nd\":5142} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" class=\"wp-image-5142\"/>\r\n <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}2019/05/24 06:53:39
2019/05/24 06:53:39
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | SonicWall's firewalls come licensed for multiple site-to-site vpn connections. |
| body | <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link. </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN. </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses. </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <ol><li><strong>Configuration on the dynamic side (RA in my case)</strong></li></ol> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> d":5117} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" class="wp-image-5117"/> <p>Click on Manage on the top menu</p> d":5118} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" class="wp-image-5118"/> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> d":5119} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" class="wp-image-5119"/> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> d":5120} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" class="wp-image-5120"/> <p>Click on the Add button to add a new site-to-site VPN</p> d":5121} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" class="wp-image-5121"/> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> d":5122} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" class="wp-image-5122"/> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p>Click on "Network" tab at the top</p> d":5123} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" class="wp-image-5123"/> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> d":5124} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" class="wp-image-5124"/> <p>T</p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> d":5125} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" class="wp-image-5125"/> <p>Once the "Add address Object" dialog opens, </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> d":5127} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" class="wp-image-5127"/> <p>Now let's define the VPN negotiation parameters,</p> <p>Click on "Proposals" tab at the top</p> d":5128} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" class="wp-image-5128"/> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> d":5129} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" class="wp-image-5129"/> <p>Click OK to complete adding the VPN.</p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p>Login to the SonicWall interface with your administrator credentials</p> d":5130} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" class="wp-image-5130"/> <p>Click on "Manage" on the top menu</p> d":5131} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" class="wp-image-5131"/> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> d":5132} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" class="wp-image-5132"/> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> d":5133} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" class="wp-image-5133"/> <p>Click on the "Add" button to add a new site-to-site VPN</p> d":5134} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" class="wp-image-5134"/> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> d":5136} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" class="wp-image-5136"/> <p>Click on "Network" tab at the top</p> d":5137} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" class="wp-image-5137"/> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network </p> d":5138} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" class="wp-image-5138"/> <p>Click "Ok" to finish adding the object.</p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> d":5139} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" class="wp-image-5139"/> <p>Once the "Add address Object" dialog opens, </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask </p> d":5140} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" class="wp-image-5140"/> <p>Click "Ok" to finish adding the object.</p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> d":5141} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" class="wp-image-5141"/> <p>Click "Ok" to complete adding the VPN link</p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> d":5142} --> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" class="wp-image-5142"/> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33181257/Trx 97103d795082aeea47d6a4cbd51155d8c7c60fa3 |
View Raw JSON Data
{
"trx_id": "97103d795082aeea47d6a4cbd51155d8c7c60fa3",
"block": 33181257,
"trx_in_block": 18,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T06:53:39",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "SonicWall's firewalls come licensed for multiple site-to-site vpn connections.",
"body": "\r\n<p>A site-to-site VPN connection lets branch offices use\r\nthe Internet as a conduit for accessing the main office's intranet. A\r\nsite-to-site VPN allows offices in multiple fixed locations to establish secure\r\nconnections with each other over a public network such as the Internet.</p>\r\n\r\n\r\n\r\n<p>In this video I will show you how to correctly and\r\nsecurely interconnect two remote locations to enable remote users to securely\r\nuse a single server over an aggressive VPN link. </p>\r\n\r\n\r\n\r\n<p>In the process of planning your site to site VPN\r\nimplementation, you will have to ask yourself a few questions:</p>\r\n\r\n\r\n\r\n<p>1 - Does one or both ends of has a dynamic public IP address?\r\nIf so, you will have to use an aggressive mode VPN. </p>\r\n\r\n\r\n\r\n<p>2 - Does both ends of the VPN connection have similar\r\nbrand VPN routers (similar encryption options, if not you will have to decide\r\non the device's matching options?)</p>\r\n\r\n\r\n\r\n<p>In Main mode, the Phase 1 parameters are exchanged in\r\nmultiple rounds with encrypted authentication information</p>\r\n\r\n\r\n\r\n<p>In Aggressive mode, the Phase 1 parameters are\r\nexchanged in a single message with unencrypted authentication information.</p>\r\n\r\n\r\n\r\n<p>Main mode is more secure. Aggressive mode might not be\r\nas secure as Main mode, but it is faster than Main mode. Aggressive mode is\r\ntypically used for remote access VPNs or if one or both peers have dynamic\r\nexternal IP addresses. </p>\r\n\r\n\r\n\r\n<p>In this case we will have to use an aggressive VPN\r\nconnection since one of my branch offices (in QUERETARO) does not have a static\r\npublic IP address.</p>\r\n\r\n\r\n\r\n<p>Since we will be configuring 2 SonicWall Devices,\r\nlet's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\r\n\r\n\r\n\r\n<ol><li><strong>Configuration on the dynamic side (RA in my case)</strong></li></ol>\r\n\r\n\r\n\r\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\r\n\r\n\r\n\r\n<p>Login to the SonicWall firewall interface with your\r\nadministrator credentials</p>\r\n\r\n\r\nd\":5117} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" class=\"wp-image-5117\"/>\r\n\r\n\r\n\r\n<p>Click on Manage on the top menu</p>\r\n\r\n\r\nd\":5118} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" class=\"wp-image-5118\"/>\r\n\r\n\r\n\r\n<p>Click on VPN on the left-hand side menu and then click\r\non Basic Settings</p>\r\n\r\n\r\nd\":5119} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" class=\"wp-image-5119\"/>\r\n\r\n\r\n\r\n<p>On the next screen you will find the already\r\nconfigured VPN connections and you will be able to add a new one,</p>\r\n\r\n\r\nd\":5120} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" class=\"wp-image-5120\"/>\r\n\r\n\r\n\r\n<p>Click on the Add button to add a new site-to-site VPN</p>\r\n\r\n\r\nd\":5121} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" class=\"wp-image-5121\"/>\r\n\r\n\r\n\r\n<p>On the Dialog, on the General tab you will be able to\r\nconfigure the basics of your vpn connection, on the Field Name, enter a\r\nfriendly name for the VPN connection, I will use RA for mine, in the\r\n\"Shared Secret\" field, enter the secret password required to\r\nauthenticate both ends of the vpn link and confirm the secret on the below\r\nfield, on the \"IPsec Primary Gateway Name or Address\" field enter the\r\nstatic public IP address or host name of the other end of the VPN, on the\r\n\"Local IKE ID\" field we would select Firewall identifier since the\r\nlocal SonicWall does not have a static IP or host name I can use on the\r\n\"Peer IKE ID\" field I am going to use the remote SonicWall (RA in\r\nthis case) static public IP</p>\r\n\r\n\r\nd\":5122} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" class=\"wp-image-5122\"/>\r\n\r\n\r\n\r\n<p>Now let's proceed to define the local and remote\r\nnetworks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall\r\ndevice \"knows\" how to handle the routing</p>\r\n\r\n\r\n\r\n<p>Click on \"Network\" tab at the top</p>\r\n\r\n\r\nd\":5123} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" class=\"wp-image-5123\"/>\r\n\r\n\r\n\r\n<p>For the field \"Choose local network\" I am\r\ngoing to select the LAN subnet since I want all computers in QUERETARO to have\r\naccess to RA's remote server over the VPN link</p>\r\n\r\n\r\nd\":5124} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" class=\"wp-image-5124\"/>\r\n\r\n\r\n\r\n<p>T</p>\r\n\r\n\r\n\r\n<p>For the field \"Choose destination network from\r\nthe list\" , I will chose \"Create new address object...\" since I\r\njust want to allow access to one server located at the RA site, we need to\r\ndefine its IP address on the remote network so the SonicWall knows how to do\r\nthe routing</p>\r\n\r\n\r\nd\":5125} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" class=\"wp-image-5125\"/>\r\n\r\n\r\n\r\n<p>Once the \"Add address Object\" dialog opens, </p>\r\n\r\n\r\n\r\n<p>Type a friendly name for RA's remote server, on the\r\n\"Zone Assignment\" field, select VPN , since this server can be only\r\nreached over the VPN link, on the \"IP Address\" field, enter the remote\r\nserver's internal IP address on RA's remote local area network, once fulfill\r\nall the information requested Click \"Ok\" to finish adding the object.</p>\r\n\r\n\r\nd\":5127} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" class=\"wp-image-5127\"/>\r\n\r\n\r\n\r\n<p>Now let's define the VPN negotiation parameters,</p>\r\n\r\n\r\n\r\n<p>Click on \"Proposals\" tab at the top</p>\r\n\r\n\r\nd\":5128} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" class=\"wp-image-5128\"/>\r\n\r\n\r\n\r\n<p>For the exchange field, select \"Aggressive\r\nmode\", all de other fields we can define the specifics of the link\r\nnegotiation, but most importantly, they need to be the same in both ends of the\r\nVPN</p>\r\n\r\n\r\nd\":5129} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" class=\"wp-image-5129\"/>\r\n\r\n\r\n\r\n<p>Click OK to complete adding the VPN.</p>\r\n\r\n\r\n\r\n<p><strong>2 – Let’s connect to the other\r\nSonicWall device, the static IP (RA side on my case)</strong></p>\r\n\r\n\r\n\r\n<p>Now let's connect to RA's SonicWall and configure the\r\nVPN on that side, the steps are similar</p>\r\n\r\n\r\n\r\n<p>Login to the SonicWall interface with your\r\nadministrator credentials</p>\r\n\r\n\r\nd\":5130} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" class=\"wp-image-5130\"/>\r\n\r\n\r\n\r\n<p>Click on \"Manage\" on the top menu</p>\r\n\r\n\r\nd\":5131} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" class=\"wp-image-5131\"/>\r\n\r\n\r\n\r\n<p>Click on \"VPN\" on the left-hand side menu and\r\nthen click on \"Basic Settings\"</p>\r\n\r\n\r\nd\":5132} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" class=\"wp-image-5132\"/>\r\n\r\n\r\n\r\n<p>On the next screen you will find the already\r\nconfigured VPN connections and you will be able to add a new one,</p>\r\n\r\n\r\nd\":5133} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" class=\"wp-image-5133\"/>\r\n\r\n\r\n\r\n<p>Click on the \"Add\" button to add a new\r\nsite-to-site VPN</p>\r\n\r\n\r\nd\":5134} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" class=\"wp-image-5134\"/>\r\n\r\n\r\n\r\n<p>On the Dialog, on the \"General\" screen you\r\nwill be able to configure the basics of your vpn connection</p>\r\n\r\n\r\n\r\n<p>On the Field \"Name\", enter a friendly name\r\nfor the VPN connection, on the \"Shared Secret\" field, enter the\r\nsecret password required to authenticate both ends of the vpn link and confirm\r\nthe secret on the below field, on the \"IPsec Primary Gateway Name or\r\nAddress\" field leave it at 0.0.0.0 since the other end has a dynamic IP\r\naddress, on the \"Local IKE ID\" field we would enter the SonicWall’s\r\n(RA in this case) static public IP, on the \"Peer IKE ID\" field I am\r\ngoing to use the remote(QUERETARO) Firewall identifier since the remote does\r\nnot have a static IP or host name I could use ow let's proceed to define the\r\nlocal and remote networks for RA's side of the VPN, this is necessary to ensure\r\nthe SonicWall device \"knows\" how to handle the routing:</p>\r\n\r\n\r\nd\":5136} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" class=\"wp-image-5136\"/>\r\n\r\n\r\n\r\n<p>Click on \"Network\" tab at the top</p>\r\n\r\n\r\nd\":5137} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" class=\"wp-image-5137\"/>\r\n\r\n\r\n\r\n<p>For the field \"Choose local network”, I will choose\r\n\"Create new address object...\" since I just want to allow access to\r\none server located at the RA site.</p>\r\n\r\n\r\n\r\n<p>Once the \"Add address Object\" dialog opens, type\r\na friendly name for the server we want to allow access to, on the \"Zone\r\nAssignment\" field, select LAN , since this server is located on the local\r\narea network at RA, on the \"Type\" field, select \"Host\"\r\nsince I just one server to be accessible, on the \"IP Address\" field,\r\nenter the local server's internal IP\r\naddress on RA's local area network </p>\r\n\r\n\r\nd\":5138} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" class=\"wp-image-5138\"/>\r\n\r\n\r\n\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n\r\n\r\n\r\n<p>For the field \"Choose destination network from\r\nthe list\" we will create another Address Object representing QUERETARO's\r\nlocal area ip range since we want all the computers on that site to have access\r\nto RA's server over the VPN link</p>\r\n\r\n\r\nd\":5139} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" class=\"wp-image-5139\"/>\r\n\r\n\r\n\r\n<p>Once the \"Add address Object\" dialog opens, </p>\r\n\r\n\r\n\r\n<p>Type a friendly name for QUERETARO's network we want\r\nto allow access, on the \"Zone Assignment\" field, select VPN, n the\r\n\"Type\" field, select \"Network\" since we want all the\r\ncomputers on QUERETARO to have access, on the \"Network\" field, enter\r\nQUERETARO's local area network, on the \"Netmask\" field, enter\r\nQUERETARO's local area network mask </p>\r\n\r\n\r\nd\":5140} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" class=\"wp-image-5140\"/>\r\n\r\n\r\n\r\n<p>Click \"Ok\" to finish adding the object.</p>\r\n\r\n\r\n\r\n<p>On \"Proposals\", make sure you have the same negotiation\r\nparameters we defined on the QUERETARO side and specially that the\r\n\"Exchange\" field is set to \"Aggressive Mode\"</p>\r\n\r\n\r\nd\":5141} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" class=\"wp-image-5141\"/>\r\n\r\n\r\n\r\n<p>Click \"Ok\" to complete adding the VPN link</p>\r\n\r\n\r\n\r\n<p>The connection process will take place and you will\r\nsee a green indicator on the RA network and you should be able to ping and\r\naccess the provisioned server over the\r\nVPN link.</p>\r\n\r\n\r\nd\":5142} -->\r\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" class=\"wp-image-5142\"/>\r\n <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}cubanhackerupvoted (100.00%) @cubanhacker / testcourse-esjqvm4nkb2019/05/24 01:22:33
cubanhackerupvoted (100.00%) @cubanhacker / testcourse-esjqvm4nkb
2019/05/24 01:22:33
| voter | cubanhacker |
| author | cubanhacker |
| permlink | testcourse-esjqvm4nkb |
| weight | 10000 (100.00%) |
| Transaction Info | Block #33174642/Trx c264b162c3b646b4977d215bbe352041b56a91ee |
View Raw JSON Data
{
"trx_id": "c264b162c3b646b4977d215bbe352041b56a91ee",
"block": 33174642,
"trx_in_block": 0,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T01:22:33",
"op": [
"vote",
{
"voter": "cubanhacker",
"author": "cubanhacker",
"permlink": "testcourse-esjqvm4nkb",
"weight": 10000
}
]
}cubanhackerupdated options for testcourse-esjqvm4nkb2019/05/24 01:06:36
cubanhackerupdated options for testcourse-esjqvm4nkb
2019/05/24 01:06:36
| author | cubanhacker |
| permlink | testcourse-esjqvm4nkb |
| max accepted payout | 1000000.000 SBD |
| percent steem dollars | 0 |
| allow votes | true |
| allow curation rewards | true |
| extensions | [[0,{"beneficiaries":[{"account":"steempress","weight":1500}]}]] |
| Transaction Info | Block #33174323/Trx 71c3f011d9e7bb54afc6c2f8f34e4ea4d9846887 |
View Raw JSON Data
{
"trx_id": "71c3f011d9e7bb54afc6c2f8f34e4ea4d9846887",
"block": 33174323,
"trx_in_block": 7,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T01:06:36",
"op": [
"comment_options",
{
"author": "cubanhacker",
"permlink": "testcourse-esjqvm4nkb",
"max_accepted_payout": "1000000.000 SBD",
"percent_steem_dollars": 0,
"allow_votes": true,
"allow_curation_rewards": true,
"extensions": [
[
0,
{
"beneficiaries": [
{
"account": "steempress",
"weight": 1500
}
]
}
]
]
}
]
}cubanhackerpublished a new post: testcourse-esjqvm4nkb2019/05/24 01:06:36
cubanhackerpublished a new post: testcourse-esjqvm4nkb
2019/05/24 01:06:36
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | testcourse-esjqvm4nkb |
| title | Test course |
| body | <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/courses/test-course/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/courses/test-course/"} |
| Transaction Info | Block #33174323/Trx 71c3f011d9e7bb54afc6c2f8f34e4ea4d9846887 |
View Raw JSON Data
{
"trx_id": "71c3f011d9e7bb54afc6c2f8f34e4ea4d9846887",
"block": 33174323,
"trx_in_block": 7,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-24T01:06:36",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "testcourse-esjqvm4nkb",
"title": "Test course",
"body": " <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/courses/test-course/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/courses/test-course/\"}"
}
]
}2019/05/18 17:34:21
2019/05/18 17:34:21
| voter | cubanhacker |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| weight | 10000 (100.00%) |
| Transaction Info | Block #33021375/Trx 666de5aeafff104736edc49d12b0e665aa4c38cf |
View Raw JSON Data
{
"trx_id": "666de5aeafff104736edc49d12b0e665aa4c38cf",
"block": 33021375,
"trx_in_block": 11,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-18T17:34:21",
"op": [
"vote",
{
"voter": "cubanhacker",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"weight": 10000
}
]
}2019/05/18 17:18:36
2019/05/18 17:18:36
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| max accepted payout | 1000000.000 SBD |
| percent steem dollars | 0 |
| allow votes | true |
| allow curation rewards | true |
| extensions | [[0,{"beneficiaries":[{"account":"steempress","weight":1500}]}]] |
| Transaction Info | Block #33021060/Trx f5105e39685177c89185e8af1d894f4a98cb7ddc |
View Raw JSON Data
{
"trx_id": "f5105e39685177c89185e8af1d894f4a98cb7ddc",
"block": 33021060,
"trx_in_block": 12,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-18T17:18:36",
"op": [
"comment_options",
{
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"max_accepted_payout": "1000000.000 SBD",
"percent_steem_dollars": 0,
"allow_votes": true,
"allow_curation_rewards": true,
"extensions": [
[
0,
{
"beneficiaries": [
{
"account": "steempress",
"weight": 1500
}
]
}
]
]
}
]
}2019/05/18 17:18:36
2019/05/18 17:18:36
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e |
| title | SonicWall's firewalls come licensed for multiple site-to-site vpn connections. |
| body | <p>A site-to-site VPN connection lets branch offices use the Internet as a conduit for accessing the main office's intranet. A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet.</p> <p>In this video I will show you how to correctly and securely interconnect two remote locations to enable remote users to securely use a single server over an aggressive VPN link. </p> <p>In the process of planning your site to site VPN implementation, you will have to ask yourself a few questions:</p> <p>1 - Does one or both ends of has a dynamic public IP address? If so, you will have to use an aggressive mode VPN. </p> <p>2 - Does both ends of the VPN connection have similar brand VPN routers (similar encryption options, if not you will have to decide on the device's matching options?)</p> <p>In Main mode, the Phase 1 parameters are exchanged in multiple rounds with encrypted authentication information</p> <p>In Aggressive mode, the Phase 1 parameters are exchanged in a single message with unencrypted authentication information.</p> <p>Main mode is more secure. Aggressive mode might not be as secure as Main mode, but it is faster than Main mode. Aggressive mode is typically used for remote access VPNs or if one or both peers have dynamic external IP addresses. </p> <p>In this case we will have to use an aggressive VPN connection since one of my branch offices (in QUERETARO) does not have a static public IP address.</p> <p>Since we will be configuring 2 SonicWall Devices, let's name them QUERETARO (dynamic IP) and RA (Static IP)</p> <ol><li><strong>Configuration on the dynamic side (RA in my case)</strong></li></ol> <p>On the dynamic IP SonicWall (QUERETARO) in my case:</p> <p>Login to the SonicWall firewall interface with your administrator credentials</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image001.png" alt="" class="wp-image-5117"/> <p>Click on Manage on the top menu</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image002.png" alt="" class="wp-image-5118"/> <p>Click on VPN on the left-hand side menu and then click on Basic Settings</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image003.png" alt="" class="wp-image-5119"/> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image004.png" alt="" class="wp-image-5120"/> <p>Click on the Add button to add a new site-to-site VPN</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image005.png" alt="" class="wp-image-5121"/> <p>On the Dialog, on the General tab you will be able to configure the basics of your vpn connection, on the Field Name, enter a friendly name for the VPN connection, I will use RA for mine, in the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field enter the static public IP address or host name of the other end of the VPN, on the "Local IKE ID" field we would select Firewall identifier since the local SonicWall does not have a static IP or host name I can use on the "Peer IKE ID" field I am going to use the remote SonicWall (RA in this case) static public IP</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image006.png" alt="" class="wp-image-5122"/> <p>Now let's proceed to define the local and remote networks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing</p> <p>Click on "Network" tab at the top</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image007.png" alt="" class="wp-image-5123"/> <p>For the field "Choose local network" I am going to select the LAN subnet since I want all computers in QUERETARO to have access to RA's remote server over the VPN link</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image008.png" alt="" class="wp-image-5124"/> <p>T</p> <p>For the field "Choose destination network from the list" , I will chose "Create new address object..." since I just want to allow access to one server located at the RA site, we need to define its IP address on the remote network so the SonicWall knows how to do the routing</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image009.png" alt="" class="wp-image-5125"/> <p>Once the "Add address Object" dialog opens, </p> <p>Type a friendly name for RA's remote server, on the "Zone Assignment" field, select VPN , since this server can be only reached over the VPN link, on the "IP Address" field, enter the remote server's internal IP address on RA's remote local area network, once fulfill all the information requested Click "Ok" to finish adding the object.</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image010.png" alt="" class="wp-image-5127"/> <p>Now let's define the VPN negotiation parameters,</p> <p>Click on "Proposals" tab at the top</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image011.png" alt="" class="wp-image-5128"/> <p>For the exchange field, select "Aggressive mode", all de other fields we can define the specifics of the link negotiation, but most importantly, they need to be the same in both ends of the VPN</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image012.png" alt="" class="wp-image-5129"/> <p>Click OK to complete adding the VPN.</p> <p><strong>2 – Let’s connect to the other SonicWall device, the static IP (RA side on my case)</strong></p> <p>Now let's connect to RA's SonicWall and configure the VPN on that side, the steps are similar</p> <p>Login to the SonicWall interface with your administrator credentials</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image013.png" alt="" class="wp-image-5130"/> <p>Click on "Manage" on the top menu</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image014.png" alt="" class="wp-image-5131"/> <p>Click on "VPN" on the left-hand side menu and then click on "Basic Settings"</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image015.png" alt="" class="wp-image-5132"/> <p>On the next screen you will find the already configured VPN connections and you will be able to add a new one,</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image016.png" alt="" class="wp-image-5133"/> <p>Click on the "Add" button to add a new site-to-site VPN</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image017.png" alt="" class="wp-image-5134"/> <p>On the Dialog, on the "General" screen you will be able to configure the basics of your vpn connection</p> <p>On the Field "Name", enter a friendly name for the VPN connection, on the "Shared Secret" field, enter the secret password required to authenticate both ends of the vpn link and confirm the secret on the below field, on the "IPsec Primary Gateway Name or Address" field leave it at 0.0.0.0 since the other end has a dynamic IP address, on the "Local IKE ID" field we would enter the SonicWall’s (RA in this case) static public IP, on the "Peer IKE ID" field I am going to use the remote(QUERETARO) Firewall identifier since the remote does not have a static IP or host name I could use ow let's proceed to define the local and remote networks for RA's side of the VPN, this is necessary to ensure the SonicWall device "knows" how to handle the routing:</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png" alt="" class="wp-image-5136"/> <p>Click on "Network" tab at the top</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image019.png" alt="" class="wp-image-5137"/> <p>For the field "Choose local network”, I will choose "Create new address object..." since I just want to allow access to one server located at the RA site.</p> <p>Once the "Add address Object" dialog opens, type a friendly name for the server we want to allow access to, on the "Zone Assignment" field, select LAN , since this server is located on the local area network at RA, on the "Type" field, select "Host" since I just one server to be accessible, on the "IP Address" field, enter the local server's internal IP address on RA's local area network </p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image020.png" alt="" class="wp-image-5138"/> <p>Click "Ok" to finish adding the object.</p> <p>For the field "Choose destination network from the list" we will create another Address Object representing QUERETARO's local area ip range since we want all the computers on that site to have access to RA's server over the VPN link</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image021.png" alt="" class="wp-image-5139"/> <p>Once the "Add address Object" dialog opens, </p> <p>Type a friendly name for QUERETARO's network we want to allow access, on the "Zone Assignment" field, select VPN, n the "Type" field, select "Network" since we want all the computers on QUERETARO to have access, on the "Network" field, enter QUERETARO's local area network, on the "Netmask" field, enter QUERETARO's local area network mask </p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image022.png" alt="" class="wp-image-5140"/> <p>Click "Ok" to finish adding the object.</p> <p>On "Proposals", make sure you have the same negotiation parameters we defined on the QUERETARO side and specially that the "Exchange" field is set to "Aggressive Mode"</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image023.png" alt="" class="wp-image-5141"/> <p>Click "Ok" to complete adding the VPN link</p> <p>The connection process will take place and you will see a green indicator on the RA network and you should be able to ping and access the provisioned server over the VPN link.</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/image024.png" alt="" class="wp-image-5142"/> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/"} |
| Transaction Info | Block #33021060/Trx f5105e39685177c89185e8af1d894f4a98cb7ddc |
View Raw JSON Data
{
"trx_id": "f5105e39685177c89185e8af1d894f4a98cb7ddc",
"block": 33021060,
"trx_in_block": 12,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-18T17:18:36",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sonicwallsfirewallscomelicensedformultiplesite-to-sitevpnconnections-jlykh0bk9e",
"title": "SonicWall's firewalls come licensed for multiple site-to-site vpn connections.",
"body": "<p>A site-to-site VPN connection lets branch offices use\nthe Internet as a conduit for accessing the main office's intranet. A\nsite-to-site VPN allows offices in multiple fixed locations to establish secure\nconnections with each other over a public network such as the Internet.</p>\n<p>In this video I will show you how to correctly and\nsecurely interconnect two remote locations to enable remote users to securely\nuse a single server over an aggressive VPN link. </p>\n<p>In the process of planning your site to site VPN\nimplementation, you will have to ask yourself a few questions:</p>\n<p>1 - Does one or both ends of has a dynamic public IP address?\nIf so, you will have to use an aggressive mode VPN. </p>\n<p>2 - Does both ends of the VPN connection have similar\nbrand VPN routers (similar encryption options, if not you will have to decide\non the device's matching options?)</p>\n<p>In Main mode, the Phase 1 parameters are exchanged in\nmultiple rounds with encrypted authentication information</p>\n<p>In Aggressive mode, the Phase 1 parameters are\nexchanged in a single message with unencrypted authentication information.</p>\n<p>Main mode is more secure. Aggressive mode might not be\nas secure as Main mode, but it is faster than Main mode. Aggressive mode is\ntypically used for remote access VPNs or if one or both peers have dynamic\nexternal IP addresses. </p>\n<p>In this case we will have to use an aggressive VPN\nconnection since one of my branch offices (in QUERETARO) does not have a static\npublic IP address.</p>\n<p>Since we will be configuring 2 SonicWall Devices,\nlet's name them QUERETARO (dynamic IP) and RA (Static IP)</p>\n<ol><li><strong>Configuration on the dynamic side (RA in my case)</strong></li></ol>\n<p>On the dynamic IP SonicWall (QUERETARO) in my case:</p>\n<p>Login to the SonicWall firewall interface with your\nadministrator credentials</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image001.png\" alt=\"\" class=\"wp-image-5117\"/>\n<p>Click on Manage on the top menu</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image002.png\" alt=\"\" class=\"wp-image-5118\"/>\n<p>Click on VPN on the left-hand side menu and then click\non Basic Settings</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image003.png\" alt=\"\" class=\"wp-image-5119\"/>\n<p>On the next screen you will find the already\nconfigured VPN connections and you will be able to add a new one,</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image004.png\" alt=\"\" class=\"wp-image-5120\"/>\n<p>Click on the Add button to add a new site-to-site VPN</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image005.png\" alt=\"\" class=\"wp-image-5121\"/>\n<p>On the Dialog, on the General tab you will be able to\nconfigure the basics of your vpn connection, on the Field Name, enter a\nfriendly name for the VPN connection, I will use RA for mine, in the\n\"Shared Secret\" field, enter the secret password required to\nauthenticate both ends of the vpn link and confirm the secret on the below\nfield, on the \"IPsec Primary Gateway Name or Address\" field enter the\nstatic public IP address or host name of the other end of the VPN, on the\n\"Local IKE ID\" field we would select Firewall identifier since the\nlocal SonicWall does not have a static IP or host name I can use on the\n\"Peer IKE ID\" field I am going to use the remote SonicWall (RA in\nthis case) static public IP</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image006.png\" alt=\"\" class=\"wp-image-5122\"/>\n<p>Now let's proceed to define the local and remote\nnetworks for QUERETARO's side of the VPN, this is necessary to ensure the SonicWall\ndevice \"knows\" how to handle the routing</p>\n<p>Click on \"Network\" tab at the top</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image007.png\" alt=\"\" class=\"wp-image-5123\"/>\n<p>For the field \"Choose local network\" I am\ngoing to select the LAN subnet since I want all computers in QUERETARO to have\naccess to RA's remote server over the VPN link</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image008.png\" alt=\"\" class=\"wp-image-5124\"/>\n<p>T</p>\n<p>For the field \"Choose destination network from\nthe list\" , I will chose \"Create new address object...\" since I\njust want to allow access to one server located at the RA site, we need to\ndefine its IP address on the remote network so the SonicWall knows how to do\nthe routing</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image009.png\" alt=\"\" class=\"wp-image-5125\"/>\n<p>Once the \"Add address Object\" dialog opens, </p>\n<p>Type a friendly name for RA's remote server, on the\n\"Zone Assignment\" field, select VPN , since this server can be only\nreached over the VPN link, on the \"IP Address\" field, enter the remote\nserver's internal IP address on RA's remote local area network, once fulfill\nall the information requested Click \"Ok\" to finish adding the object.</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image010.png\" alt=\"\" class=\"wp-image-5127\"/>\n<p>Now let's define the VPN negotiation parameters,</p>\n<p>Click on \"Proposals\" tab at the top</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image011.png\" alt=\"\" class=\"wp-image-5128\"/>\n<p>For the exchange field, select \"Aggressive\nmode\", all de other fields we can define the specifics of the link\nnegotiation, but most importantly, they need to be the same in both ends of the\nVPN</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image012.png\" alt=\"\" class=\"wp-image-5129\"/>\n<p>Click OK to complete adding the VPN.</p>\n<p><strong>2 – Let’s connect to the other\nSonicWall device, the static IP (RA side on my case)</strong></p>\n<p>Now let's connect to RA's SonicWall and configure the\nVPN on that side, the steps are similar</p>\n<p>Login to the SonicWall interface with your\nadministrator credentials</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image013.png\" alt=\"\" class=\"wp-image-5130\"/>\n<p>Click on \"Manage\" on the top menu</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image014.png\" alt=\"\" class=\"wp-image-5131\"/>\n<p>Click on \"VPN\" on the left-hand side menu and\nthen click on \"Basic Settings\"</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image015.png\" alt=\"\" class=\"wp-image-5132\"/>\n<p>On the next screen you will find the already\nconfigured VPN connections and you will be able to add a new one,</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image016.png\" alt=\"\" class=\"wp-image-5133\"/>\n<p>Click on the \"Add\" button to add a new\nsite-to-site VPN</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image017.png\" alt=\"\" class=\"wp-image-5134\"/>\n<p>On the Dialog, on the \"General\" screen you\nwill be able to configure the basics of your vpn connection</p>\n<p>On the Field \"Name\", enter a friendly name\nfor the VPN connection, on the \"Shared Secret\" field, enter the\nsecret password required to authenticate both ends of the vpn link and confirm\nthe secret on the below field, on the \"IPsec Primary Gateway Name or\nAddress\" field leave it at 0.0.0.0 since the other end has a dynamic IP\naddress, on the \"Local IKE ID\" field we would enter the SonicWall’s\n(RA in this case) static public IP, on the \"Peer IKE ID\" field I am\ngoing to use the remote(QUERETARO) Firewall identifier since the remote does\nnot have a static IP or host name I could use ow let's proceed to define the\nlocal and remote networks for RA's side of the VPN, this is necessary to ensure\nthe SonicWall device \"knows\" how to handle the routing:</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image018-1.png\" alt=\"\" class=\"wp-image-5136\"/>\n<p>Click on \"Network\" tab at the top</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image019.png\" alt=\"\" class=\"wp-image-5137\"/>\n<p>For the field \"Choose local network”, I will choose\n\"Create new address object...\" since I just want to allow access to\none server located at the RA site.</p>\n<p>Once the \"Add address Object\" dialog opens, type\na friendly name for the server we want to allow access to, on the \"Zone\nAssignment\" field, select LAN , since this server is located on the local\narea network at RA, on the \"Type\" field, select \"Host\"\nsince I just one server to be accessible, on the \"IP Address\" field,\nenter the local server's internal IP\naddress on RA's local area network </p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image020.png\" alt=\"\" class=\"wp-image-5138\"/>\n<p>Click \"Ok\" to finish adding the object.</p>\n<p>For the field \"Choose destination network from\nthe list\" we will create another Address Object representing QUERETARO's\nlocal area ip range since we want all the computers on that site to have access\nto RA's server over the VPN link</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image021.png\" alt=\"\" class=\"wp-image-5139\"/>\n<p>Once the \"Add address Object\" dialog opens, </p>\n<p>Type a friendly name for QUERETARO's network we want\nto allow access, on the \"Zone Assignment\" field, select VPN, n the\n\"Type\" field, select \"Network\" since we want all the\ncomputers on QUERETARO to have access, on the \"Network\" field, enter\nQUERETARO's local area network, on the \"Netmask\" field, enter\nQUERETARO's local area network mask </p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image022.png\" alt=\"\" class=\"wp-image-5140\"/>\n<p>Click \"Ok\" to finish adding the object.</p>\n<p>On \"Proposals\", make sure you have the same negotiation\nparameters we defined on the QUERETARO side and specially that the\n\"Exchange\" field is set to \"Aggressive Mode\"</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image023.png\" alt=\"\" class=\"wp-image-5141\"/>\n<p>Click \"Ok\" to complete adding the VPN link</p>\n<p>The connection process will take place and you will\nsee a green indicator on the RA network and you should be able to ping and\naccess the provisioned server over the\nVPN link.</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/image024.png\" alt=\"\" class=\"wp-image-5142\"/>\n <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sonicwalls-firewalls-come-licensed-for-multiple-site-to-site-vpn-connections-%ef%bb%bf/\"}"
}
]
}cubanhackerupvoted (100.00%) @cubanhacker / agressivevpnsonicwalles-4gndvaofmt2019/05/18 00:03:18
cubanhackerupvoted (100.00%) @cubanhacker / agressivevpnsonicwalles-4gndvaofmt
2019/05/18 00:03:18
| voter | cubanhacker |
| author | cubanhacker |
| permlink | agressivevpnsonicwalles-4gndvaofmt |
| weight | 10000 (100.00%) |
| Transaction Info | Block #33000372/Trx ff140c06e43ff2c2215c4fae0b2d48c2c263069d |
View Raw JSON Data
{
"trx_id": "ff140c06e43ff2c2215c4fae0b2d48c2c263069d",
"block": 33000372,
"trx_in_block": 21,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-18T00:03:18",
"op": [
"vote",
{
"voter": "cubanhacker",
"author": "cubanhacker",
"permlink": "agressivevpnsonicwalles-4gndvaofmt",
"weight": 10000
}
]
}cubanhackerupdated options for agressivevpnsonicwalles-4gndvaofmt2019/05/17 23:46:24
cubanhackerupdated options for agressivevpnsonicwalles-4gndvaofmt
2019/05/17 23:46:24
| author | cubanhacker |
| permlink | agressivevpnsonicwalles-4gndvaofmt |
| max accepted payout | 1000000.000 SBD |
| percent steem dollars | 0 |
| allow votes | true |
| allow curation rewards | true |
| extensions | [[0,{"beneficiaries":[{"account":"steempress","weight":1500}]}]] |
| Transaction Info | Block #33000034/Trx 81f463751ab509705434e89d2932b5a519c13b7f |
View Raw JSON Data
{
"trx_id": "81f463751ab509705434e89d2932b5a519c13b7f",
"block": 33000034,
"trx_in_block": 3,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-17T23:46:24",
"op": [
"comment_options",
{
"author": "cubanhacker",
"permlink": "agressivevpnsonicwalles-4gndvaofmt",
"max_accepted_payout": "1000000.000 SBD",
"percent_steem_dollars": 0,
"allow_votes": true,
"allow_curation_rewards": true,
"extensions": [
[
0,
{
"beneficiaries": [
{
"account": "steempress",
"weight": 1500
}
]
}
]
]
}
]
}cubanhackerpublished a new post: agressivevpnsonicwalles-4gndvaofmt2019/05/17 23:46:24
cubanhackerpublished a new post: agressivevpnsonicwalles-4gndvaofmt
2019/05/17 23:46:24
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | agressivevpnsonicwalles-4gndvaofmt |
| title | AGRESSIVE VPN SONICWALL ES |
| body | <p>Los dispositivos de vpn firewall SonicWall vienen licenciados para establecer múltiples conexiones simultaneas de vpn de sitio a sitio que permiten una interconexión segura entre oficinas centrales y sucursales remotas. En este video, le mostraré cual es la manera correcta de interconectar de forma segura dos oficinas en diferentes lugares geográficos para que los usuarios remotos puedan usar de manera segura uno o varios servidores en la oficina central a través de un enlace VPN en modo agresivo.</p> <p>Una conexión VPN de sitio a sitio permite a sucursales u oficinas remotas establecer un conducto de tráfico encriptado para acceder a la intranet de la oficina principal, permitiendo que oficinas en varias ubicaciones distantes establezcan conexiones seguras entre sí a través de una red pública insegura como la Internet.</p> <p>En el proceso de planificación de la implementación de VPN de sitio a sitio, tendrá que hacerse algunas preguntas:</p> <p>1 - ¿uno o ambos extremos de la conexión tienen una dirección IP pública dinámica? Si es así, tendrás que usar un modo agresivo VPN. Si no, puede usar el modo main.</p> <p>2 - ¿Ambos extremos de la conexión VPN tienen enrutadores VPN de marca similar (¿opciones de cifrado similares, si no, tendrá que decidir las opciones de coincidencia del dispositivo?)</p> <p>En el modo "Main", los parámetros de la Fase 1 se intercambian en varias rondas con información de autenticación cifrada</p> <p>En el modo Agresivo, los parámetros de la Fase 1 se intercambian en un solo mensaje con información de autenticación no cifrada.</p> <p>El modo principal es más seguro. El modo agresivo es menos seguro que el modo principal, pero es más rápido que el modo principal. El modo agresivo se usa normalmente para las VPN de acceso remoto o en caso de que una o ambas oficinas tengan direcciones IP externas dinámicas.</p> <p>En este caso, tendremos que usar una conexión VPN agresiva ya que una de mis sucursales (en QUERETARO) no tiene una dirección IP pública estática.</p> <p>Ya que configuraremos 2 Dispositivos Sonicwall, llamémoslos QUERETARO (IP dinámica) y RA (IP estática)</p> <p><strong>1. Procedamos a configurar la unidad en QUERETARO (IP Dinámica)</strong></p> <p>En el IP dinámico Sonicwall (QUERETARO) en mi caso:</p> <p>Inicie sesión en la interfaz de Sonicwall con sus credenciales de administrador</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/1.png" alt="" class="wp-image-5092"/> <p>Haga clic en "Manage" en el menú superior</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/2.png" alt="" class="wp-image-5093"/> <p>Haga clic en VPN en el menú del lado izquierdo y Haga clic en "Basic Settings"</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/3.png" alt="" class="wp-image-5094"/> <p>En la siguiente pantalla encontrará las conexiones VPN ya configuradas y podrá agregar una nueva, para esto haga clic en el botón "Add" para agregar una nueva VPN de sitio a sitio</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/4.png" alt="" class="wp-image-5095"/> <p>En el cuadro de diálogo siguiente, en la pantalla General, podrá configurar los conceptos básicos de su conexión vpn, en el campo "Name", ingrese un nombre descriptivo fácil de recordar para la conexión VPN, llamare el mío RA, en el campo "Shared Secret", ingrese la contraseña secreta requerida para autenticar ambos extremos del enlace vpn, confirme la contraseña en el campo siguiente, en el campo "IPsec Primary Gateway Name or Address" ingrese la dirección IP pública estática o el nombre de host del otro extremo de la VPN, en el campo "Local IKE ID" seleccionaríamos el identificador de Firewall, ya que este sonicwall local no tiene una IP estática o un nombre de host que pueda usar, en el campo "Peer IKE ID", utilizare la dirección IP pública estática del sonicwall remoto (RA en este caso), ahora vamos a definir las redes locales y remotas del sitio QUERETARO de la VPN, esto es necesario para asegurarnos de que el dispositivo Sonicwall "sepa" cómo manejar el enrutamiento sobre el enlace</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/5-1024x560.png" alt="" class="wp-image-5096"/> <p>Haga clic en la pestaña "Network" en la parte superior</p> <p>Para el campo "Choose local network", seleccionaré la subred LAN, ya que quiero que todas las computadoras en QUERETARO tengan acceso al servidor remoto de RA a través del enlace VPN, para el campo "Choose local network", elegiré "Create new address object..." ya que solo quiero permitir el acceso a un servidor ubicado en el sitio de RA y necesito definir la dirección de ese servidor para que la unidad SonicWall sepa donde está ubicado en la red remota</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/6.png" alt="" class="wp-image-5097"/> <p>Una vez que se abre el cuadro de diálogo "Add address Object", escriba un nombre descriptivo para el servidor remoto de RA, en el campo "Zone Assignment", seleccione VPN, ya que solo se puede acceder a este servidor a través del enlace VPN, en el campo "IP Address", ingrese la dirección IP interna del servidor remoto en la red de área local remota de RA y haga clic en "Ok" para terminar de agregar el objeto.</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/7.png" alt="" class="wp-image-5100"/> <p>Ahora vamos a definir los parámetros de negociación VPN,</p> <p>Haga clic en la pestaña "Proposals” en la parte superior, para el campo de intercambio, seleccione "Aggresive mode", en los demás campos podemos definir los detalles de la negociación del enlace, pero lo más importante es que deben ser los mismos en ambos extremos de la VPN, haga clic en Aceptar para completar la adición de la nueva conexión VPN.</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/8-1.png" alt="" class="wp-image-5099"/> <p>2 – Procedamos a configurar el SonicWall en RA (extremo de la conexión con IP estatica)</p> <p>Ahora vamos a conectarnos a la Sonicwall del lado RA y configuramos la VPN en ese lado, los pasos son similares</p> <p>Inicie sesión en la interfaz de Sonicwall con sus credenciales de administrador</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/9.png" alt="" class="wp-image-5101"/> <p>Haga clic en "Manage" en el menú superior</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/10.png" alt="" class="wp-image-5102"/> <p>Haga clic en "VPN" en el menú del lado izquierdo y haga clic en "Basic Settings"</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/11.png" alt="" class="wp-image-5103"/> <p>En la siguiente pantalla encontrará las conexiones VPN ya configuradas en el dispositivo VPN sonicwall y podrá agregar una nueva, haga clic en el botón "Add" para agregar una nueva VPN de sitio a sitio</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/12.png" alt="" class="wp-image-5104"/> <p>En el cuadro de diálogo, en la pestaña "General", podrá configurar los detalles básicos de su conexión vpn, en el campo "Name", ingrese un nombre descriptivo para la conexión VPN, en el campo "Shared Secret", ingrese la contraseña secreta requerida para autenticar ambos extremos del enlace vpn y confirme la contraseña en el campo de abajo, n el campo "IPsec Primary Gateway Name or Address", déjelo en 0.0.0.0 ya que el otro extremo tiene una dirección IP dinámica, en el campo "ID de IKE local", ingresaríamos la IP pública estática del sonicwall (RA en este caso), en el campo "Peer IKE ID" usaré el identificador del Firewall remoto (QUERETARO) ya que el remoto no tiene una IP estática o un nombre de host que pueda usar, ahora vamos a definir las redes locales y remotas para el lado de RA de la VPN, esto es necesario para asegurar que el dispositivo Sonicwall "sepa" cómo manejar el enrutamiento</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/13.png" alt="" class="wp-image-5105"/> <p>Haga clic en la pestaña "Network" en la parte superior</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/14.png" alt="" class="wp-image-5106"/> <p>Para el campo "Choose local network", elegiré "Create new address object...", ya que solo quiero permitir el acceso a un servidor ubicado en el sitio de RA.</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/15.png" alt="" class="wp-image-5107"/> <p>Una vez que se abre el cuadro de diálogo "Add address Object", escriba un nombre descriptivo para el servidor al que queremos permitir el acceso, en el campo "Zone Assignment", seleccione LAN, ya que este servidor está ubicado en la red de área local en RA, en el campo "Type", seleccione "Host", ya que solo deseo proveer acceso a un servidor, en el campo "IP Address", ingrese la dirección IP interna del servidor local en la red de área local de RA y finalmente haga clic en "Ok" para terminar de agregar el objeto.</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/16.png" alt="" class="wp-image-5108"/> <p>Para el campo "Choose destination network from the list", crearemos otro objeto de dirección que represente el rango de ip del área local de QUERETARO, ya que queremos que todas las computadoras de ese sitio tengan acceso al servidor de RA a través del enlace VPN.</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/17.png" alt="" class="wp-image-5109"/> <p>Una vez que se abre el diálogo "Add address Object", escriba un nombre descriptivo para la red de QUERETARO que queremos permitir el acceso, en el campo "Zone Assignment", seleccione VPN, en el campo "Type" ,seleccione "Network" ya que queremos que todas las computadoras en QUERETARO tengan acceso, en el campo "Network" , ingrese a la red de área local de QUERETARO, en el campo "Netmask" , ingrese la máscara de red de área local de QUERETARO y haga clic en "Ok" para terminar de agregar el objeto.</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/18.png" alt="" class="wp-image-5110"/> <p>En las "Proposals", asegúrese de tener los mismos parámetros de negociación que definimos en el lado de QUERETARO y, especialmente, que el campo "Exchange” está configurado en "Aggresive Mode"</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/19.png" alt="" class="wp-image-5111"/> <p>Haga clic en "Ok" para completar la adición del enlace VPN, </p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/20.png" alt="" class="wp-image-5112"/> <p>El proceso de conexión se llevará a cabo y verá un indicador verde en la red RA.</p> <img src="https://cubanhacker.com/wp-content/uploads/2019/05/21.png" alt="" class="wp-image-5114"/> <p>Podrá apreciar que el indicador de la conexión en ambos dispositivos se torna verde, indicando que la conexión ha sido establecida.</p> <p>A partir de ese momento podrá hacer ping y conectarse a los recursos habilitados en la oficina principal (RA) desde la oficina remota (QUERETARO)</p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/agressive-vpn-sonicwall-es/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/agressive-vpn-sonicwall-es/"} |
| Transaction Info | Block #33000034/Trx 81f463751ab509705434e89d2932b5a519c13b7f |
View Raw JSON Data
{
"trx_id": "81f463751ab509705434e89d2932b5a519c13b7f",
"block": 33000034,
"trx_in_block": 3,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-05-17T23:46:24",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "agressivevpnsonicwalles-4gndvaofmt",
"title": "AGRESSIVE VPN SONICWALL ES",
"body": "<p>Los\ndispositivos de vpn firewall SonicWall vienen licenciados para establecer\nmúltiples conexiones simultaneas de vpn de sitio a sitio que permiten una interconexión\nsegura entre oficinas centrales y sucursales remotas. En este video, le\nmostraré cual es la manera correcta de interconectar de forma segura dos\noficinas en diferentes lugares geográficos para que los usuarios remotos puedan\nusar de manera segura uno o varios servidores en la oficina central a través de\nun enlace VPN en modo agresivo.</p>\n<p>Una conexión\nVPN de sitio a sitio permite a sucursales u oficinas remotas establecer un\nconducto de tráfico encriptado para acceder a la intranet de la oficina\nprincipal, permitiendo que oficinas en varias ubicaciones distantes establezcan\nconexiones seguras entre sí a través de una red pública insegura como la\nInternet.</p>\n<p>En el proceso\nde planificación de la implementación de VPN de sitio a sitio, tendrá que\nhacerse algunas preguntas:</p>\n<p>1 - ¿uno o\nambos extremos de la conexión tienen una dirección IP pública dinámica? Si es\nasí, tendrás que usar un modo agresivo VPN. Si no, puede usar el modo main.</p>\n<p>2 - ¿Ambos\nextremos de la conexión VPN tienen enrutadores VPN de marca similar (¿opciones\nde cifrado similares, si no, tendrá que decidir las opciones de coincidencia\ndel dispositivo?)</p>\n<p>En el modo\n\"Main\", los parámetros de la Fase 1 se intercambian en varias rondas\ncon información de autenticación cifrada</p>\n<p>En el modo\nAgresivo, los parámetros de la Fase 1 se intercambian en un solo mensaje con\ninformación de autenticación no cifrada.</p>\n<p>El modo\nprincipal es más seguro. El modo agresivo es menos seguro que el modo\nprincipal, pero es más rápido que el modo principal. El modo agresivo se usa\nnormalmente para las VPN de acceso remoto o en caso de que una o ambas oficinas\ntengan direcciones IP externas dinámicas.</p>\n<p>En este caso,\ntendremos que usar una conexión VPN agresiva ya que una de mis sucursales (en\nQUERETARO) no tiene una dirección IP pública estática.</p>\n<p>Ya que\nconfiguraremos 2 Dispositivos Sonicwall, llamémoslos QUERETARO (IP dinámica) y\nRA (IP estática)</p>\n<p><strong>1. Procedamos a configurar la unidad en QUERETARO (IP Dinámica)</strong></p>\n<p>En el IP\ndinámico Sonicwall (QUERETARO) en mi caso:</p>\n<p>Inicie sesión\nen la interfaz de Sonicwall con sus credenciales de administrador</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/1.png\" alt=\"\" class=\"wp-image-5092\"/>\n<p>Haga clic en\n\"Manage\" en el menú superior</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/2.png\" alt=\"\" class=\"wp-image-5093\"/>\n<p>Haga clic en\nVPN en el menú del lado izquierdo y Haga clic en \"Basic Settings\"</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/3.png\" alt=\"\" class=\"wp-image-5094\"/>\n<p>En la\nsiguiente pantalla encontrará las conexiones VPN ya configuradas y podrá\nagregar una nueva, para esto haga clic en el botón \"Add\" para agregar\nuna nueva VPN de sitio a sitio</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/4.png\" alt=\"\" class=\"wp-image-5095\"/>\n<p>En el cuadro\nde diálogo siguiente, en la pantalla General, podrá configurar los conceptos\nbásicos de su conexión vpn, en el campo \"Name\", ingrese un nombre\ndescriptivo fácil de recordar para la conexión VPN, llamare el mío RA, en el\ncampo \"Shared Secret\", ingrese la contraseña secreta requerida para\nautenticar ambos extremos del enlace vpn, confirme la contraseña en el campo\nsiguiente, en el campo \"IPsec Primary Gateway Name or Address\"\ningrese la dirección IP pública estática o el nombre de host del otro extremo\nde la VPN, en el campo \"Local IKE ID\" seleccionaríamos el\nidentificador de Firewall, ya que este sonicwall local no tiene una IP estática\no un nombre de host que pueda usar, en el campo \"Peer IKE ID\", utilizare la dirección IP pública estática\ndel sonicwall remoto (RA en este caso), ahora vamos a definir las redes locales\ny remotas del sitio QUERETARO de la VPN, esto es necesario para asegurarnos de\nque el dispositivo Sonicwall \"sepa\" cómo manejar el enrutamiento\nsobre el enlace</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/5-1024x560.png\" alt=\"\" class=\"wp-image-5096\"/>\n<p>Haga clic en\nla pestaña \"Network\" en la parte superior</p>\n<p>Para el campo\n\"Choose local network\", seleccionaré la subred LAN, ya que quiero que\ntodas las computadoras en QUERETARO tengan acceso al servidor remoto de RA a\ntravés del enlace VPN, para el campo \"Choose local network\", elegiré\n\"Create new address object...\" ya que solo quiero permitir el acceso\na un servidor ubicado en el sitio de RA y necesito definir la dirección de ese\nservidor para que la unidad SonicWall sepa donde está ubicado en la red remota</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/6.png\" alt=\"\" class=\"wp-image-5097\"/>\n<p>Una vez que se\nabre el cuadro de diálogo \"Add address Object\", escriba un nombre\ndescriptivo para el servidor remoto de RA, en el campo \"Zone\nAssignment\", seleccione VPN, ya que solo se puede acceder a este servidor\na través del enlace VPN, en el campo \"IP Address\", ingrese la\ndirección IP interna del servidor remoto en la red de área local remota de RA y\nhaga clic en \"Ok\" para terminar de agregar el objeto.</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/7.png\" alt=\"\" class=\"wp-image-5100\"/>\n<p>Ahora vamos a\ndefinir los parámetros de negociación VPN,</p>\n<p>Haga clic en\nla pestaña \"Proposals” en la parte superior, para el campo de intercambio,\nseleccione \"Aggresive mode\", en los demás campos podemos definir los\ndetalles de la negociación del enlace, pero lo más importante es que deben ser\nlos mismos en ambos extremos de la VPN, haga clic en Aceptar para completar la\nadición de la nueva conexión VPN.</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/8-1.png\" alt=\"\" class=\"wp-image-5099\"/>\n<p>2 – Procedamos\na configurar el SonicWall en RA (extremo de la conexión con IP estatica)</p>\n<p>Ahora vamos a\nconectarnos a la Sonicwall del lado RA y configuramos la VPN en ese lado, los\npasos son similares</p>\n<p>Inicie sesión\nen la interfaz de Sonicwall con sus credenciales de administrador</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/9.png\" alt=\"\" class=\"wp-image-5101\"/>\n<p>Haga clic en\n\"Manage\" en el menú superior</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/10.png\" alt=\"\" class=\"wp-image-5102\"/>\n<p>Haga clic en\n\"VPN\" en el menú del lado izquierdo y haga clic en \"Basic Settings\"</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/11.png\" alt=\"\" class=\"wp-image-5103\"/>\n<p>En la\nsiguiente pantalla encontrará las conexiones VPN ya configuradas en el\ndispositivo VPN sonicwall y podrá agregar una nueva, haga clic en el botón\n\"Add\" para agregar una nueva VPN de sitio a sitio</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/12.png\" alt=\"\" class=\"wp-image-5104\"/>\n<p>En el cuadro\nde diálogo, en la pestaña \"General\", podrá configurar los detalles\nbásicos de su conexión vpn, en el campo \"Name\", ingrese un nombre\ndescriptivo para la conexión VPN, en el campo \"Shared Secret\",\ningrese la contraseña secreta requerida para autenticar ambos extremos del\nenlace vpn y confirme la contraseña en el campo de abajo, n el campo\n\"IPsec Primary Gateway Name or Address\", déjelo en 0.0.0.0 ya que el\notro extremo tiene una dirección IP dinámica, en el campo \"ID de IKE\nlocal\", ingresaríamos la IP pública estática del sonicwall (RA en este\ncaso), en el campo \"Peer IKE ID\" usaré el identificador del Firewall\nremoto (QUERETARO) ya que el remoto no tiene una IP estática o un nombre de\nhost que pueda usar, ahora vamos a definir las redes locales y remotas para el\nlado de RA de la VPN, esto es necesario para asegurar que el dispositivo\nSonicwall \"sepa\" cómo manejar el enrutamiento</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/13.png\" alt=\"\" class=\"wp-image-5105\"/>\n<p>Haga clic en\nla pestaña \"Network\" en la parte superior</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/14.png\" alt=\"\" class=\"wp-image-5106\"/>\n<p>Para el campo\n\"Choose local network\", elegiré \"Create new address\nobject...\", ya que solo quiero permitir el acceso a un servidor ubicado en\nel sitio de RA.</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/15.png\" alt=\"\" class=\"wp-image-5107\"/>\n<p>Una vez que se\nabre el cuadro de diálogo \"Add address Object\", escriba un nombre\ndescriptivo para el servidor al que queremos permitir el acceso, en el campo\n\"Zone Assignment\", seleccione LAN, ya que este servidor está ubicado\nen la red de área local en RA, en el campo \"Type\", seleccione\n\"Host\", ya que solo deseo proveer acceso a un servidor, en el campo\n\"IP Address\", ingrese la dirección IP interna del servidor local en\nla red de área local de RA y finalmente haga clic en \"Ok\" para\nterminar de agregar el objeto.</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/16.png\" alt=\"\" class=\"wp-image-5108\"/>\n<p>Para el campo\n\"Choose destination network from the list\", crearemos otro objeto de\ndirección que represente el rango de ip del área local de QUERETARO, ya que\nqueremos que todas las computadoras de ese sitio tengan acceso al servidor de\nRA a través del enlace VPN.</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/17.png\" alt=\"\" class=\"wp-image-5109\"/>\n<p>Una vez que se\nabre el diálogo \"Add address Object\", escriba un nombre descriptivo\npara la red de QUERETARO que queremos permitir el acceso, en el campo\n\"Zone Assignment\", seleccione VPN, en el campo \"Type\"\n,seleccione \"Network\" ya que queremos que todas las computadoras en\nQUERETARO tengan acceso, en el campo \"Network\" , ingrese a la red de\nárea local de QUERETARO, en el campo \"Netmask\" , ingrese la máscara\nde red de área local de QUERETARO y haga clic en \"Ok\" para terminar\nde agregar el objeto.</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/18.png\" alt=\"\" class=\"wp-image-5110\"/>\n<p>En las\n\"Proposals\", asegúrese de tener los mismos parámetros de negociación\nque definimos en el lado de QUERETARO y, especialmente, que el campo\n\"Exchange” está configurado en \"Aggresive Mode\"</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/19.png\" alt=\"\" class=\"wp-image-5111\"/>\n<p>Haga clic en\n\"Ok\" para completar la adición del enlace VPN, </p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/20.png\" alt=\"\" class=\"wp-image-5112\"/>\n<p>El proceso de\nconexión se llevará a cabo y verá un indicador verde en la red RA.</p>\n<img src=\"https://cubanhacker.com/wp-content/uploads/2019/05/21.png\" alt=\"\" class=\"wp-image-5114\"/>\n<p>Podrá apreciar\nque el indicador de la conexión en ambos dispositivos se torna verde, indicando\nque la conexión ha sido establecida.</p>\n<p>A partir de\nese momento podrá hacer ping y conectarse a los recursos habilitados en la\noficina principal (RA) desde la oficina remota (QUERETARO)</p>\n <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/agressive-vpn-sonicwall-es/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/agressive-vpn-sonicwall-es/\"}"
}
]
}2019/04/26 17:57:12
2019/04/26 17:57:12
| voter | cubanhacker |
| author | cubanhacker |
| permlink | grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9 |
| weight | 10000 (100.00%) |
| Transaction Info | Block #32388604/Trx b7dedacd0eaa24c7d24f920a42786c56e8928df4 |
View Raw JSON Data
{
"trx_id": "b7dedacd0eaa24c7d24f920a42786c56e8928df4",
"block": 32388604,
"trx_in_block": 39,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-26T17:57:12",
"op": [
"vote",
{
"voter": "cubanhacker",
"author": "cubanhacker",
"permlink": "grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9",
"weight": 10000
}
]
}2019/04/26 16:36:00
2019/04/26 16:36:00
| voter | cubanhacker |
| author | cubanhacker |
| permlink | sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq |
| weight | 10000 (100.00%) |
| Transaction Info | Block #32386982/Trx 3bb8938efb70bca5b2f1516aac99b61d16994f91 |
View Raw JSON Data
{
"trx_id": "3bb8938efb70bca5b2f1516aac99b61d16994f91",
"block": 32386982,
"trx_in_block": 9,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-26T16:36:00",
"op": [
"vote",
{
"voter": "cubanhacker",
"author": "cubanhacker",
"permlink": "sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq",
"weight": 10000
}
]
}2019/04/26 15:13:21
2019/04/26 15:13:21
| voter | cubanhacker |
| author | cubanhacker |
| permlink | amcrestcamera-4mpwi-fioutdoorbulletsecuritypoeipcamerainstallation-zjg9slm4io |
| weight | 10000 (100.00%) |
| Transaction Info | Block #32385330/Trx b8473f73413e52a4a443f10e1a21029d8f88aaaa |
View Raw JSON Data
{
"trx_id": "b8473f73413e52a4a443f10e1a21029d8f88aaaa",
"block": 32385330,
"trx_in_block": 11,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-26T15:13:21",
"op": [
"vote",
{
"voter": "cubanhacker",
"author": "cubanhacker",
"permlink": "amcrestcamera-4mpwi-fioutdoorbulletsecuritypoeipcamerainstallation-zjg9slm4io",
"weight": 10000
}
]
}2019/04/08 20:52:54
2019/04/08 20:52:54
| parent author | cubanhacker |
| parent permlink | sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq |
| author | steemcleaners |
| permlink | re-cubanhacker-sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq-20190408t205251830z |
| title | |
| body | Hello, We have contacted you on Twitter to verify the authorship of your Steemit blog but we have received no response yet. We would be grateful if you could respond to us via Twitter, please. https://twitter.com/steemcleaners/status/1115356660044828672 Please note I am a volunteer that works to ensure that plagiarised content does not get rewarded. I have no way to remove any content from steemit.com. Thank you |
| json metadata | {"tags":["steempress"],"links":["https://twitter.com/steemcleaners/status/1115356660044828672"],"app":"steemit/0.1"} |
| Transaction Info | Block #31875220/Trx 9c1d0e2cfef6bbd6cec8d53dc3078e653ec6072b |
View Raw JSON Data
{
"trx_id": "9c1d0e2cfef6bbd6cec8d53dc3078e653ec6072b",
"block": 31875220,
"trx_in_block": 21,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-08T20:52:54",
"op": [
"comment",
{
"parent_author": "cubanhacker",
"parent_permlink": "sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq",
"author": "steemcleaners",
"permlink": "re-cubanhacker-sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq-20190408t205251830z",
"title": "",
"body": "Hello, \n\nWe have contacted you on Twitter to verify the authorship of your Steemit blog but we have received no response yet. We would be grateful if you could respond to us via Twitter, please. \n\nhttps://twitter.com/steemcleaners/status/1115356660044828672\n\nPlease note I am a volunteer that works to ensure that plagiarised content does not get rewarded. I have no way to remove any content from steemit.com.\n\nThank you",
"json_metadata": "{\"tags\":[\"steempress\"],\"links\":[\"https://twitter.com/steemcleaners/status/1115356660044828672\"],\"app\":\"steemit/0.1\"}"
}
]
}2019/04/08 20:52:45
2019/04/08 20:52:45
| parent author | cubanhacker |
| parent permlink | grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9 |
| author | steemcleaners |
| permlink | re-cubanhacker-grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9-20190408t205242515z |
| title | |
| body | Hello, We have contacted you on Twitter to verify the authorship of your Steemit blog but we have received no response yet. We would be grateful if you could respond to us via Twitter, please. https://twitter.com/steemcleaners/status/1115356660044828672 Please note I am a volunteer that works to ensure that plagiarised content does not get rewarded. I have no way to remove any content from steemit.com. Thank you |
| json metadata | {"tags":["steempress"],"links":["https://twitter.com/steemcleaners/status/1115356660044828672"],"app":"steemit/0.1"} |
| Transaction Info | Block #31875217/Trx 1b34c319c2a0c6377b3d036a6aa16be3a183c459 |
View Raw JSON Data
{
"trx_id": "1b34c319c2a0c6377b3d036a6aa16be3a183c459",
"block": 31875217,
"trx_in_block": 36,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-08T20:52:45",
"op": [
"comment",
{
"parent_author": "cubanhacker",
"parent_permlink": "grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9",
"author": "steemcleaners",
"permlink": "re-cubanhacker-grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9-20190408t205242515z",
"title": "",
"body": "Hello, \n\nWe have contacted you on Twitter to verify the authorship of your Steemit blog but we have received no response yet. We would be grateful if you could respond to us via Twitter, please. \n\nhttps://twitter.com/steemcleaners/status/1115356660044828672\n\nPlease note I am a volunteer that works to ensure that plagiarised content does not get rewarded. I have no way to remove any content from steemit.com.\n\nThank you",
"json_metadata": "{\"tags\":[\"steempress\"],\"links\":[\"https://twitter.com/steemcleaners/status/1115356660044828672\"],\"app\":\"steemit/0.1\"}"
}
]
}2019/04/04 18:26:36
2019/04/04 18:26:36
| parent author | cubanhacker |
| parent permlink | grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9 |
| author | partiko |
| permlink | partiko-re-cubanhacker-grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9-20190404t182635979z |
| title | |
| body | Hello @cubanhacker! This is a friendly reminder that you can **download Partiko today and start earning Steem** easier than ever before! Partiko is a fast and beautiful mobile app for Steem. You can login using your Steem account, browse, post, comment and upvote easily on your phone! You can even **earn up to 3,000 Partiko Points per day**, and easily convert them into Steem token! **Download Partiko now using the link below to receive 1000 Points as bonus right away!** https://partiko.app/referral/partiko |
| json metadata | {"app":"partiko"} |
| Transaction Info | Block #31757539/Trx e479a2920744bcdbcf8364ffc8d8f2e7690aac98 |
View Raw JSON Data
{
"trx_id": "e479a2920744bcdbcf8364ffc8d8f2e7690aac98",
"block": 31757539,
"trx_in_block": 29,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-04T18:26:36",
"op": [
"comment",
{
"parent_author": "cubanhacker",
"parent_permlink": "grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9",
"author": "partiko",
"permlink": "partiko-re-cubanhacker-grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9-20190404t182635979z",
"title": "",
"body": "Hello @cubanhacker! This is a friendly reminder that you can **download Partiko today and start earning Steem** easier than ever before!\n\nPartiko is a fast and beautiful mobile app for Steem. You can login using your Steem account, browse, post, comment and upvote easily on your phone!\n\nYou can even **earn up to 3,000 Partiko Points per day**, and easily convert them into Steem token!\n\n**Download Partiko now using the link below to receive 1000 Points as bonus right away!**\n\nhttps://partiko.app/referral/partiko",
"json_metadata": "{\"app\":\"partiko\"}"
}
]
}2019/04/02 20:16:54
2019/04/02 20:16:54
| voter | raokoz |
| author | cubanhacker |
| permlink | grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9 |
| weight | 5000 (50.00%) |
| Transaction Info | Block #31702172/Trx 21579b56a6ec4801f69bab2d58059da5f972a6dd |
View Raw JSON Data
{
"trx_id": "21579b56a6ec4801f69bab2d58059da5f972a6dd",
"block": 31702172,
"trx_in_block": 28,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-02T20:16:54",
"op": [
"vote",
{
"voter": "raokoz",
"author": "cubanhacker",
"permlink": "grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9",
"weight": 5000
}
]
}2019/04/02 20:09:33
2019/04/02 20:09:33
| voter | raokoz |
| author | cubanhacker |
| permlink | sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq |
| weight | 5000 (50.00%) |
| Transaction Info | Block #31702025/Trx 3a28cfb4edb49fba41b9ad304204de62176c83ac |
View Raw JSON Data
{
"trx_id": "3a28cfb4edb49fba41b9ad304204de62176c83ac",
"block": 31702025,
"trx_in_block": 32,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-02T20:09:33",
"op": [
"vote",
{
"voter": "raokoz",
"author": "cubanhacker",
"permlink": "sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq",
"weight": 5000
}
]
}2019/04/02 20:06:54
2019/04/02 20:06:54
| voter | bukiland |
| author | cubanhacker |
| permlink | grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9 |
| weight | 100 (1.00%) |
| Transaction Info | Block #31701972/Trx b01c2ebbf5c9f3b773084518e45303e5fbdc55fe |
View Raw JSON Data
{
"trx_id": "b01c2ebbf5c9f3b773084518e45303e5fbdc55fe",
"block": 31701972,
"trx_in_block": 7,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-02T20:06:54",
"op": [
"vote",
{
"voter": "bukiland",
"author": "cubanhacker",
"permlink": "grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9",
"weight": 100
}
]
}2019/04/02 20:01:45
2019/04/02 20:01:45
| parent author | cubanhacker |
| parent permlink | grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9 |
| author | cheetah |
| permlink | cheetah-re-cubanhackergrabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9 |
| title | |
| body | Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in: `https://www.youtube.com/watch?v=lEy31kSO-KY` |
| json metadata | |
| Transaction Info | Block #31701870/Trx 0a8ef56322dbb2415ff31ef478b5234423dda1f2 |
View Raw JSON Data
{
"trx_id": "0a8ef56322dbb2415ff31ef478b5234423dda1f2",
"block": 31701870,
"trx_in_block": 23,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-02T20:01:45",
"op": [
"comment",
{
"parent_author": "cubanhacker",
"parent_permlink": "grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9",
"author": "cheetah",
"permlink": "cheetah-re-cubanhackergrabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9",
"title": "",
"body": "Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:\n`https://www.youtube.com/watch?v=lEy31kSO-KY`",
"json_metadata": ""
}
]
}2019/04/02 20:01:42
2019/04/02 20:01:42
| voter | steeming-hot |
| author | cubanhacker |
| permlink | grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9 |
| weight | 2 (0.02%) |
| Transaction Info | Block #31701869/Trx c025d677da7dbd9ba6f725924f8b19056d2e386a |
View Raw JSON Data
{
"trx_id": "c025d677da7dbd9ba6f725924f8b19056d2e386a",
"block": 31701869,
"trx_in_block": 34,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-02T20:01:42",
"op": [
"vote",
{
"voter": "steeming-hot",
"author": "cubanhacker",
"permlink": "grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9",
"weight": 2
}
]
}2019/04/02 20:01:42
2019/04/02 20:01:42
| voter | cheetah |
| author | cubanhacker |
| permlink | grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9 |
| weight | 8 (0.08%) |
| Transaction Info | Block #31701869/Trx 6caee5e9e860362cfc2cafb1f0a42ac3f9bbffe1 |
View Raw JSON Data
{
"trx_id": "6caee5e9e860362cfc2cafb1f0a42ac3f9bbffe1",
"block": 31701869,
"trx_in_block": 4,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-02T20:01:42",
"op": [
"vote",
{
"voter": "cheetah",
"author": "cubanhacker",
"permlink": "grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9",
"weight": 8
}
]
}2019/04/02 20:01:27
2019/04/02 20:01:27
| author | cubanhacker |
| permlink | grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9 |
| max accepted payout | 1000000.000 SBD |
| percent steem dollars | 0 |
| allow votes | true |
| allow curation rewards | true |
| extensions | [[0,{"beneficiaries":[{"account":"steempress","weight":1500}]}]] |
| Transaction Info | Block #31701864/Trx 51a940f0f552d1c4b8a99601244469d85911a34a |
View Raw JSON Data
{
"trx_id": "51a940f0f552d1c4b8a99601244469d85911a34a",
"block": 31701864,
"trx_in_block": 18,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-02T20:01:27",
"op": [
"comment_options",
{
"author": "cubanhacker",
"permlink": "grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9",
"max_accepted_payout": "1000000.000 SBD",
"percent_steem_dollars": 0,
"allow_votes": true,
"allow_curation_rewards": true,
"extensions": [
[
0,
{
"beneficiaries": [
{
"account": "steempress",
"weight": 1500
}
]
}
]
]
}
]
}2019/04/02 20:01:27
2019/04/02 20:01:27
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9 |
| title | Grabador CCTV NVR Amcrest HD 1080 Lite - Como inicializar el sistema de camaras de seguridad ? |
| body | <center>https://cubanhacker.com/wp-content/uploads/2019/04/grabador-cctv-nvr-amcrest-hd-108.jpg</center> <br/><p>En este video les muestro como configurar el grabador de video de camaras de seguridad en red Amcrest HD 1080 Lite , este grabador de video funciona correctamente con camaras analogas o camaras de seguridad por IP, es posible configurar en el camaras como la cámara de seguridad por ip amcrest 4mp outdoor cámara que podrán encontrar en el siguiente video</p> <figure class="wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"><div class="wp-block-embed__wrapper"> https://www.youtube.com/watch?v=lnaCfAPkKVg </div></figure> <p>Compre este sistema nvr amcrest HD 1080-LITE que funciona con cualquier combinacion de hasta 16 entre camaras analogas y camaras ip, junto con un disco duro de 1 TB, esto para tener un tiempo de grabación considerable antes de que se sobreescriban los videos.</p> <p>Sistemas CCTV o sistemas de cirtuito cerrado de tv han existido por varias decadas, la ultima mejora de tecnologia mas notable ha sido la introduccionde grabadores en la red o network video recorders, nvr's ya que permiten conectar camaras en red.</p> <p>Podra en este video aprender la configuración básica de este grabador de video de network amcrest NVR, además de que conocera algunas de sus características.</p> <p>Este NVR Amcrest tiene la posibilidad de ser monitoreado por P2P desde el móvil, utilizando la aplicación propia de la marca, la cual podrán descargar con los codigos QR que les enseño en el video.</p> <p>Si desea comprar el NVR puede ir a uno de los siguientes enlaces dependiendo de cuantos canales requiera.</p> <p>NVR 8 CH https://amzn.to/2UhG1RB<br> NVR 16 CH https://amzn.to/2UgT9q4<br> NVR 32 CH https://amzn.to/2HH5nT3</p> <p>Las camaras de seguridad por ip Amcrest 4MP outdoor podrá conseguirla en el siguiente enlace</p> <figure class="wp-block-embed"><div class="wp-block-embed__wrapper"> https://amzn.to/2TZjRnP </div></figure> <p>El disco duro de 1TB como el que utilizo en mi sistema de seguridad Amcrest lo podrá encontrar en el enlace que coloco a continuación.<br> https://amzn.to/2UigMyy</p> <p>Vea mis otros videos sobre camaras amcrest y sistemas de seguridad en la red:</p> <figure class="wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"><div class="wp-block-embed__wrapper"> https://www.youtube.com/watch?v=RCL34WBznm8&list=PLEWrsu79_la46X4-qBvoSZLAbHQaaMOIz </div></figure> <p>Vea mis otros videos sobre unidades de almacenamiento en la red:</p> <figure class="wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"><div class="wp-block-embed__wrapper"> https://www.youtube.com/watch?v=HLI5AFHUZJc&list=PLEWrsu79_la7XoG9nTngWNGN2wV6MKOYI </div></figure> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/grabador-cctv-nvr-amcrest-hd-1080-lite-como-inicializar-el-sistema-de-camaras-de-seguridad/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":[""],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/grabador-cctv-nvr-amcrest-hd-1080-lite-como-inicializar-el-sistema-de-camaras-de-seguridad/"} |
| Transaction Info | Block #31701864/Trx 51a940f0f552d1c4b8a99601244469d85911a34a |
View Raw JSON Data
{
"trx_id": "51a940f0f552d1c4b8a99601244469d85911a34a",
"block": 31701864,
"trx_in_block": 18,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-02T20:01:27",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "grabadorcctvnvramcresthd1080lite-comoinicializarelsistemadecamarasdeseguridad-npupwdico9",
"title": "Grabador CCTV NVR Amcrest HD 1080 Lite - Como inicializar el sistema de camaras de seguridad ?",
"body": "<center>https://cubanhacker.com/wp-content/uploads/2019/04/grabador-cctv-nvr-amcrest-hd-108.jpg</center> <br/><p>En este video les muestro como configurar el grabador de video de camaras de seguridad en red Amcrest HD 1080 Lite , este grabador de video funciona correctamente con camaras analogas o camaras de seguridad por IP, es posible configurar en el camaras como la cámara de seguridad por ip amcrest 4mp outdoor cámara que podrán encontrar en el siguiente video</p>\n<figure class=\"wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\nhttps://www.youtube.com/watch?v=lnaCfAPkKVg\n</div></figure>\n<p>Compre este sistema nvr amcrest HD 1080-LITE que funciona con cualquier combinacion de hasta 16 entre camaras analogas y camaras ip, junto con un disco duro de 1 TB, esto para tener un tiempo de grabación considerable antes de que se sobreescriban los videos.</p>\n<p>Sistemas CCTV o sistemas de cirtuito cerrado de tv han existido por varias decadas, la ultima mejora de tecnologia mas notable ha sido la introduccionde grabadores en la red o network video recorders, nvr's ya que permiten conectar camaras en red.</p>\n<p>Podra en este video aprender la configuración básica de este grabador de video de network amcrest NVR, además de que conocera algunas de sus características.</p>\n<p>Este NVR Amcrest tiene la posibilidad de ser monitoreado por P2P desde el móvil, utilizando la aplicación propia de la marca, la cual podrán descargar con los codigos QR que les enseño en el video.</p>\n<p>Si desea comprar el NVR puede ir a uno de los siguientes enlaces dependiendo de cuantos canales requiera.</p>\n<p>NVR 8 CH https://amzn.to/2UhG1RB<br>\nNVR 16 CH https://amzn.to/2UgT9q4<br>\nNVR 32 CH https://amzn.to/2HH5nT3</p>\n<p>Las camaras de seguridad por ip Amcrest 4MP outdoor podrá conseguirla en el siguiente enlace</p>\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttps://amzn.to/2TZjRnP\n</div></figure>\n<p>El disco duro de 1TB como el que utilizo en mi sistema de seguridad Amcrest lo podrá encontrar en el enlace que coloco a continuación.<br>\nhttps://amzn.to/2UigMyy</p>\n<p>Vea mis otros videos sobre camaras amcrest y sistemas de seguridad en la red:</p>\n<figure class=\"wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\nhttps://www.youtube.com/watch?v=RCL34WBznm8&list=PLEWrsu79_la46X4-qBvoSZLAbHQaaMOIz\n</div></figure>\n<p>Vea mis otros videos sobre unidades de almacenamiento en la red:</p>\n<figure class=\"wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\nhttps://www.youtube.com/watch?v=HLI5AFHUZJc&list=PLEWrsu79_la7XoG9nTngWNGN2wV6MKOYI\n</div></figure>\n <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/grabador-cctv-nvr-amcrest-hd-1080-lite-como-inicializar-el-sistema-de-camaras-de-seguridad/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/grabador-cctv-nvr-amcrest-hd-1080-lite-como-inicializar-el-sistema-de-camaras-de-seguridad/\"}"
}
]
}2019/04/02 19:54:21
2019/04/02 19:54:21
| voter | steeming-hot |
| author | cubanhacker |
| permlink | sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq |
| weight | 2 (0.02%) |
| Transaction Info | Block #31701722/Trx f7fd4a6ee4375d4ab1c2abe586f7dd2b5d8a00ac |
View Raw JSON Data
{
"trx_id": "f7fd4a6ee4375d4ab1c2abe586f7dd2b5d8a00ac",
"block": 31701722,
"trx_in_block": 25,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-02T19:54:21",
"op": [
"vote",
{
"voter": "steeming-hot",
"author": "cubanhacker",
"permlink": "sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq",
"weight": 2
}
]
}2019/04/02 19:52:00
2019/04/02 19:52:00
| author | cubanhacker |
| permlink | sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq |
| max accepted payout | 1000000.000 SBD |
| percent steem dollars | 0 |
| allow votes | true |
| allow curation rewards | true |
| extensions | [[0,{"beneficiaries":[{"account":"steempress","weight":1500}]}]] |
| Transaction Info | Block #31701675/Trx ed47345757c83687e16fd6e4d6b3f41cdd5a2f3c |
View Raw JSON Data
{
"trx_id": "ed47345757c83687e16fd6e4d6b3f41cdd5a2f3c",
"block": 31701675,
"trx_in_block": 4,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-02T19:52:00",
"op": [
"comment_options",
{
"author": "cubanhacker",
"permlink": "sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq",
"max_accepted_payout": "1000000.000 SBD",
"percent_steem_dollars": 0,
"allow_votes": true,
"allow_curation_rewards": true,
"extensions": [
[
0,
{
"beneficiaries": [
{
"account": "steempress",
"weight": 1500
}
]
}
]
]
}
]
}2019/04/02 19:52:00
2019/04/02 19:52:00
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq |
| title | Sistema de camara en red AMCREST NVR HD 1080 Lite.Sistema CCTV.Grabador de camaras CCTV. |
| body | <center>https://cubanhacker.com/wp-content/uploads/2019/04/sistema-de-camara-en-red-amcrest.jpg</center> <br/><p>En este video les muestro como configurar el grabador de video de camaras de seguridad en red Amcrest HD 1080 Lite , este grabador de video funciona correctamente con camaras analogas o camaras de seguridad por IP, es posible configurar en el camaras como la cámara de seguridad por ip amcrest 4mp outdoor cámara que podrán encontrar en el siguiente video</p> <figure class="wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"><div class="wp-block-embed__wrapper"> https://www.youtube.com/watch?v=lnaCfAPkKVg </div></figure> <p>Compre este sistema nvr amcrest HD 1080-LITE que funciona con cualquier combinacion de hasta 16 entre camaras analogas y camaras ip, junto con un disco duro de 1 TB, esto para tener un tiempo de grabación considerable antes de que se sobreescriban los videos.</p> <p>Podra en este video aprender la configuración básica de este grabador de video de network amcrest NVR, además de que conocera algunas de sus características.</p> <p>Este NVR Amcrest tiene la posibilidad de ser monitoreado por P2P desde el móvil, utilizando la aplicación propia de la marca, la cual podrán descargar con los codigos QR que les enseño en el video.</p> <p>Si desea comprar el NVR puede ir a uno de los siguientes enlaces dependiendo de cuantos canales requiera.<br> NVR 8 CH https://amzn.to/2UhG1RB<br> NVR 16 CH https://amzn.to/2UgT9q4<br> NVR 32 CH https://amzn.to/2HH5nT3</p> <p>Las camaras de seguridad por ip Amcrest 4MP outdoor podrá conseguirla en el siguiente enlace</p> <figure class="wp-block-embed"><div class="wp-block-embed__wrapper"> https://amzn.to/2TZjRnP </div></figure> <p>El disco duro de 1TB como el que utilizo en mi sistema de seguridad Amcrest lo podrá encontrar en el enlace que coloco a continuación.<br> https://amzn.to/2UigMyy</p> <p>Vea mis otros videos sobre camaras amcrest y sistemas de seguridad en la red:</p> <figure class="wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"><div class="wp-block-embed__wrapper"> https://www.youtube.com/watch?v=RCL34WBznm8&list=PLEWrsu79_la46X4-qBvoSZLAbHQaaMOIz </div></figure> <p>Vea mis otros videos sobre unidades de almacenamiento en la red:</p> <figure class="wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"><div class="wp-block-embed__wrapper"> https://www.youtube.com/watch?v=HLI5AFHUZJc&list=PLEWrsu79_la7XoG9nTngWNGN2wV6MKOYI </div></figure> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sistema-de-camara-en-red-amcrest-nvr-hd-1080-lite-sistema-cctv-grabador-de-camaras-cctv/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":["https://cubanhacker.com/wp-content/uploads/2019/04/sistema-de-camara-en-red-amcrest.jpg"],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/sistema-de-camara-en-red-amcrest-nvr-hd-1080-lite-sistema-cctv-grabador-de-camaras-cctv/"} |
| Transaction Info | Block #31701675/Trx ed47345757c83687e16fd6e4d6b3f41cdd5a2f3c |
View Raw JSON Data
{
"trx_id": "ed47345757c83687e16fd6e4d6b3f41cdd5a2f3c",
"block": 31701675,
"trx_in_block": 4,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-04-02T19:52:00",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "sistemadecamaraenredamcrestnvrhd1080litesistemacctvgrabadordecamarascctv-4bfdboogbq",
"title": "Sistema de camara en red AMCREST NVR HD 1080 Lite.Sistema CCTV.Grabador de camaras CCTV.",
"body": "<center>https://cubanhacker.com/wp-content/uploads/2019/04/sistema-de-camara-en-red-amcrest.jpg</center> <br/><p>En este video les muestro como configurar el grabador de video de camaras de seguridad en red Amcrest HD 1080 Lite , este grabador de video funciona correctamente con camaras analogas o camaras de seguridad por IP, es posible configurar en el camaras como la cámara de seguridad por ip amcrest 4mp outdoor cámara que podrán encontrar en el siguiente video</p>\n<figure class=\"wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\nhttps://www.youtube.com/watch?v=lnaCfAPkKVg\n</div></figure>\n<p>Compre este sistema nvr amcrest HD 1080-LITE que funciona con cualquier combinacion de hasta 16 entre camaras analogas y camaras ip, junto con un disco duro de 1 TB, esto para tener un tiempo de grabación considerable antes de que se sobreescriban los videos.</p>\n<p>Podra en este video aprender la configuración básica de este grabador de video de network amcrest NVR, además de que conocera algunas de sus características.</p>\n<p>Este NVR Amcrest tiene la posibilidad de ser monitoreado por P2P desde el móvil, utilizando la aplicación propia de la marca, la cual podrán descargar con los codigos QR que les enseño en el video.</p>\n<p>Si desea comprar el NVR puede ir a uno de los siguientes enlaces dependiendo de cuantos canales requiera.<br>\nNVR 8 CH https://amzn.to/2UhG1RB<br>\nNVR 16 CH https://amzn.to/2UgT9q4<br>\nNVR 32 CH https://amzn.to/2HH5nT3</p>\n<p>Las camaras de seguridad por ip Amcrest 4MP outdoor podrá conseguirla en el siguiente enlace</p>\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttps://amzn.to/2TZjRnP\n</div></figure>\n<p>El disco duro de 1TB como el que utilizo en mi sistema de seguridad Amcrest lo podrá encontrar en el enlace que coloco a continuación.<br>\nhttps://amzn.to/2UigMyy</p>\n<p>Vea mis otros videos sobre camaras amcrest y sistemas de seguridad en la red:</p>\n<figure class=\"wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\nhttps://www.youtube.com/watch?v=RCL34WBznm8&list=PLEWrsu79_la46X4-qBvoSZLAbHQaaMOIz\n</div></figure>\n<p>Vea mis otros videos sobre unidades de almacenamiento en la red:</p>\n<figure class=\"wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\nhttps://www.youtube.com/watch?v=HLI5AFHUZJc&list=PLEWrsu79_la7XoG9nTngWNGN2wV6MKOYI\n</div></figure>\n <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/sistema-de-camara-en-red-amcrest-nvr-hd-1080-lite-sistema-cctv-grabador-de-camaras-cctv/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"https://cubanhacker.com/wp-content/uploads/2019/04/sistema-de-camara-en-red-amcrest.jpg\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/sistema-de-camara-en-red-amcrest-nvr-hd-1080-lite-sistema-cctv-grabador-de-camaras-cctv/\"}"
}
]
}2019/03/26 16:56:06
2019/03/26 16:56:06
| voter | seekersop |
| author | cubanhacker |
| permlink | amcrestcamera-4mpwi-fioutdoorbulletsecuritypoeipcamerainstallation-zjg9slm4io |
| weight | 10000 (100.00%) |
| Transaction Info | Block #31496684/Trx 1cd2b06b8188206ea5d8d14c7888399d44799440 |
View Raw JSON Data
{
"trx_id": "1cd2b06b8188206ea5d8d14c7888399d44799440",
"block": 31496684,
"trx_in_block": 47,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-03-26T16:56:06",
"op": [
"vote",
{
"voter": "seekersop",
"author": "cubanhacker",
"permlink": "amcrestcamera-4mpwi-fioutdoorbulletsecuritypoeipcamerainstallation-zjg9slm4io",
"weight": 10000
}
]
}2019/03/26 16:51:48
2019/03/26 16:51:48
| author | cubanhacker |
| permlink | amcrestcamera-4mpwi-fioutdoorbulletsecuritypoeipcamerainstallation-zjg9slm4io |
| max accepted payout | 1000000.000 SBD |
| percent steem dollars | 0 |
| allow votes | true |
| allow curation rewards | true |
| extensions | [[0,{"beneficiaries":[{"account":"steempress","weight":1500}]}]] |
| Transaction Info | Block #31496598/Trx 37aff8108e1a0f928a581bd44c994774ddabe555 |
View Raw JSON Data
{
"trx_id": "37aff8108e1a0f928a581bd44c994774ddabe555",
"block": 31496598,
"trx_in_block": 17,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-03-26T16:51:48",
"op": [
"comment_options",
{
"author": "cubanhacker",
"permlink": "amcrestcamera-4mpwi-fioutdoorbulletsecuritypoeipcamerainstallation-zjg9slm4io",
"max_accepted_payout": "1000000.000 SBD",
"percent_steem_dollars": 0,
"allow_votes": true,
"allow_curation_rewards": true,
"extensions": [
[
0,
{
"beneficiaries": [
{
"account": "steempress",
"weight": 1500
}
]
}
]
]
}
]
}cubanhackerpublished a new post: amcrestcamera-4mpwi-fioutdoorbulletsecuritypoeipcamerainstallation-zjg9slm4io2019/03/26 16:51:48
cubanhackerpublished a new post: amcrestcamera-4mpwi-fioutdoorbulletsecuritypoeipcamerainstallation-zjg9slm4io
2019/03/26 16:51:48
| parent author | |
| parent permlink | steempress |
| author | cubanhacker |
| permlink | amcrestcamera-4mpwi-fioutdoorbulletsecuritypoeipcamerainstallation-zjg9slm4io |
| title | AMCREST camera - 4MP wi-fi outdoor bullet security poe ip camera installation |
| body | <center>https://cubanhacker.com/wp-content/uploads/2019/03/amcrest-camera-4mp-wi-fi-outdoor.jpg</center> <br/><p>In this video I will show you how to install an amcrest ip security cameras. I decided to install these amcrest 4mp security ip bullet cameras after my older non ip cameras failed to capture the face of the car robber that stole my car for a few hours (will post that video in a bit). Since these are 4k camera , the resolution should improve. </p> <p>Purchased 4 of these night vision enabled wifi cctv amcrest camera to add into my existing amcrest nvr that takes both analog and network security cameras, I opted to do wireless networking on these wi-fi cameras, but you have the option to use the wired or as wifi security cameras. The installation is performed using and android mobile device. When using a mobile device to access these amcrest 4mp cameras you might need to open ports on your network firewall if you do not have a network video recorder (nvr). These amcrest night vision IP cameras are also compatible with qnap & synology nas units that have the nvr feature enabled. </p> <p>I will record another video for the qnap nas surveliance station connected to these amcrest 4mp ip bullet camera to demonstrate how to use qnap nas units as security network video recorder.</p> <p> Amcrest 4mp outdoor bullet ip cameras are an extraordinary enhancement to any security system that you currently own, IP based network security camera, Network Video Recorders and many other devices can be added to your existing system in order to improve, enhance, extend your remote viewing, monitoring and alerting capabilities allowing your small business or personal property to stay better protected against criminals and robbers. Installed these wifi security camera as outdoor cameras on my amcrest nvr security system (NVR) </p> <p>Check my Amcrest and Network Surveliance videos: </p> <p><a href="https://www.youtube.com/watch?v=RCL34WBznm8&list=PLEWrsu79_la46X4-qBvoSZLAbHQaaMOIz">https://www.youtube.com/watch?v=RCL34...</a> </p> <p>Check my QNAP Network Storage Videos: </p> <p><a href="https://www.youtube.com/watch?v=HLI5AFHUZJc&list=PLEWrsu79_la7XoG9nTngWNGN2wV6MKOYI">https://www.youtube.com/watch?v=HLI5A...</a></p> <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/amcrest-camera-4mp-wi-fi-outdoor-bullet-security-poe-ip-camera-installation/ </em><hr/></center> |
| json metadata | {"community":"steempress","app":"steempress/1.4","image":["https://cubanhacker.com/wp-content/uploads/2019/03/amcrest-camera-4mp-wi-fi-outdoor.jpg"],"tags":["steempress","steem"],"original_link":"https://cubanhacker.com/amcrest-camera-4mp-wi-fi-outdoor-bullet-security-poe-ip-camera-installation/"} |
| Transaction Info | Block #31496598/Trx 37aff8108e1a0f928a581bd44c994774ddabe555 |
View Raw JSON Data
{
"trx_id": "37aff8108e1a0f928a581bd44c994774ddabe555",
"block": 31496598,
"trx_in_block": 17,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-03-26T16:51:48",
"op": [
"comment",
{
"parent_author": "",
"parent_permlink": "steempress",
"author": "cubanhacker",
"permlink": "amcrestcamera-4mpwi-fioutdoorbulletsecuritypoeipcamerainstallation-zjg9slm4io",
"title": "AMCREST camera - 4MP wi-fi outdoor bullet security poe ip camera installation",
"body": "<center>https://cubanhacker.com/wp-content/uploads/2019/03/amcrest-camera-4mp-wi-fi-outdoor.jpg</center> <br/><p>In this video I will show you how to install an amcrest ip security cameras. I decided to install these amcrest 4mp security ip bullet cameras after my older non ip cameras failed to capture the face of the car robber that stole my car for a few hours (will post that video in a bit). Since these are 4k camera , the resolution should improve. </p>\n<p>Purchased 4 of these night vision enabled wifi cctv amcrest camera to add into my existing amcrest nvr that takes both analog and network security cameras, I opted to do wireless networking on these wi-fi cameras, but you have the option to use the wired or as wifi security cameras. The installation is performed using and android mobile device. When using a mobile device to access these amcrest 4mp cameras you might need to open ports on your network firewall if you do not have a network video recorder (nvr). These amcrest night vision IP cameras are also compatible with qnap & synology nas units that have the nvr feature enabled. </p>\n<p>I will record another video for the qnap nas surveliance station connected to these amcrest 4mp ip bullet camera to demonstrate how to use qnap nas units as security network video recorder.</p>\n<p> Amcrest 4mp outdoor bullet ip cameras are an extraordinary enhancement to any security system that you currently own, IP based network security camera, Network Video Recorders and many other devices can be added to your existing system in order to improve, enhance, extend your remote viewing, monitoring and alerting capabilities allowing your small business or personal property to stay better protected against criminals and robbers. Installed these wifi security camera as outdoor cameras on my amcrest nvr security system (NVR) </p>\n<p>Check my Amcrest and Network Surveliance videos: </p>\n<p><a href=\"https://www.youtube.com/watch?v=RCL34WBznm8&list=PLEWrsu79_la46X4-qBvoSZLAbHQaaMOIz\">https://www.youtube.com/watch?v=RCL34...</a> </p>\n<p>Check my QNAP Network Storage Videos: </p>\n<p><a href=\"https://www.youtube.com/watch?v=HLI5AFHUZJc&list=PLEWrsu79_la7XoG9nTngWNGN2wV6MKOYI\">https://www.youtube.com/watch?v=HLI5A...</a></p>\n <br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://cubanhacker.com/amcrest-camera-4mp-wi-fi-outdoor-bullet-security-poe-ip-camera-installation/ </em><hr/></center>",
"json_metadata": "{\"community\":\"steempress\",\"app\":\"steempress/1.4\",\"image\":[\"https://cubanhacker.com/wp-content/uploads/2019/03/amcrest-camera-4mp-wi-fi-outdoor.jpg\"],\"tags\":[\"steempress\",\"steem\"],\"original_link\":\"https://cubanhacker.com/amcrest-camera-4mp-wi-fi-outdoor-bullet-security-poe-ip-camera-installation/\"}"
}
]
}2019/01/22 23:58:09
2019/01/22 23:58:09
| parent author | cubanhacker |
| parent permlink | gondola-bay-2018-02-12-00-57-36 |
| author | steemitboard |
| permlink | steemitboard-notify-cubanhacker-20190122t235809000z |
| title | |
| body | Congratulations @cubanhacker! You received a personal award! <table><tr><td>https://steemitimages.com/70x70/http://steemitboard.com/@cubanhacker/birthday1.png</td><td>Happy Birthday! - You are on the Steem blockchain for 1 year!</td></tr></table> <sub>_[Click here to view your Board](https://steemitboard.com/@cubanhacker)_</sub> > Support [SteemitBoard's project](https://steemit.com/@steemitboard)! **[Vote for its witness](https://v2.steemconnect.com/sign/account-witness-vote?witness=steemitboard&approve=1)** and **get one more award**! |
| json metadata | {"image":["https://steemitboard.com/img/notify.png"]} |
| Transaction Info | Block #29692153/Trx 819f4acc88ec14d8ea88f9873a1e6bdbc0932404 |
View Raw JSON Data
{
"trx_id": "819f4acc88ec14d8ea88f9873a1e6bdbc0932404",
"block": 29692153,
"trx_in_block": 13,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2019-01-22T23:58:09",
"op": [
"comment",
{
"parent_author": "cubanhacker",
"parent_permlink": "gondola-bay-2018-02-12-00-57-36",
"author": "steemitboard",
"permlink": "steemitboard-notify-cubanhacker-20190122t235809000z",
"title": "",
"body": "Congratulations @cubanhacker! You received a personal award!\n\n<table><tr><td>https://steemitimages.com/70x70/http://steemitboard.com/@cubanhacker/birthday1.png</td><td>Happy Birthday! - You are on the Steem blockchain for 1 year!</td></tr></table>\n\n<sub>_[Click here to view your Board](https://steemitboard.com/@cubanhacker)_</sub>\n\n\n> Support [SteemitBoard's project](https://steemit.com/@steemitboard)! **[Vote for its witness](https://v2.steemconnect.com/sign/account-witness-vote?witness=steemitboard&approve=1)** and **get one more award**!",
"json_metadata": "{\"image\":[\"https://steemitboard.com/img/notify.png\"]}"
}
]
}cubanhackerpublished witness feed price: 3.002 SBD / 1.000 STEEM2018/04/25 05:02:09
cubanhackerpublished witness feed price: 3.002 SBD / 1.000 STEEM
2018/04/25 05:02:09
| publisher | cubanhacker |
| exchange rate | {"base":"3.002 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21866891/Trx 02ffe4131163c8a513a4219b8b5b808418090dc7 |
View Raw JSON Data
{
"trx_id": "02ffe4131163c8a513a4219b8b5b808418090dc7",
"block": 21866891,
"trx_in_block": 32,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-25T05:02:09",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.002 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 2.983 SBD / 1.000 STEEM2018/04/25 04:32:45
cubanhackerpublished witness feed price: 2.983 SBD / 1.000 STEEM
2018/04/25 04:32:45
| publisher | cubanhacker |
| exchange rate | {"base":"2.983 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21866305/Trx 7ac12521e9fcaa46d6183c53c7c84fa0ce9e8ae0 |
View Raw JSON Data
{
"trx_id": "7ac12521e9fcaa46d6183c53c7c84fa0ce9e8ae0",
"block": 21866305,
"trx_in_block": 63,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-25T04:32:45",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "2.983 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.164 SBD / 1.000 STEEM2018/04/25 03:30:15
cubanhackerpublished witness feed price: 3.164 SBD / 1.000 STEEM
2018/04/25 03:30:15
| publisher | cubanhacker |
| exchange rate | {"base":"3.164 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21865057/Trx a487925fa9858db8514516ccdba1d3fc51861774 |
View Raw JSON Data
{
"trx_id": "a487925fa9858db8514516ccdba1d3fc51861774",
"block": 21865057,
"trx_in_block": 22,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-25T03:30:15",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.164 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.204 SBD / 1.000 STEEM2018/04/25 03:02:24
cubanhackerpublished witness feed price: 3.204 SBD / 1.000 STEEM
2018/04/25 03:02:24
| publisher | cubanhacker |
| exchange rate | {"base":"3.204 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21864501/Trx 840ea9f117e267d6b04f1a9b7f172fe953ac72cc |
View Raw JSON Data
{
"trx_id": "840ea9f117e267d6b04f1a9b7f172fe953ac72cc",
"block": 21864501,
"trx_in_block": 45,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-25T03:02:24",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.204 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.264 SBD / 1.000 STEEM2018/04/24 23:09:45
cubanhackerpublished witness feed price: 3.264 SBD / 1.000 STEEM
2018/04/24 23:09:45
| publisher | cubanhacker |
| exchange rate | {"base":"3.264 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21859862/Trx 0d30bd3dad68f4238345c051cd08e09d0794b575 |
View Raw JSON Data
{
"trx_id": "0d30bd3dad68f4238345c051cd08e09d0794b575",
"block": 21859862,
"trx_in_block": 3,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-24T23:09:45",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.264 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.294 SBD / 1.000 STEEM2018/04/24 22:31:36
cubanhackerpublished witness feed price: 3.294 SBD / 1.000 STEEM
2018/04/24 22:31:36
| publisher | cubanhacker |
| exchange rate | {"base":"3.294 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21859103/Trx e9c99098e5c12f059dec2967a80535b57f50eeb5 |
View Raw JSON Data
{
"trx_id": "e9c99098e5c12f059dec2967a80535b57f50eeb5",
"block": 21859103,
"trx_in_block": 22,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-24T22:31:36",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.294 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.248 SBD / 1.000 STEEM2018/04/24 22:30:15
cubanhackerpublished witness feed price: 3.248 SBD / 1.000 STEEM
2018/04/24 22:30:15
| publisher | cubanhacker |
| exchange rate | {"base":"3.248 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21859076/Trx bb43e8bcab0965b68b3afd9ec40c60eca4fae24c |
View Raw JSON Data
{
"trx_id": "bb43e8bcab0965b68b3afd9ec40c60eca4fae24c",
"block": 21859076,
"trx_in_block": 4,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-24T22:30:15",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.248 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.272 SBD / 1.000 STEEM2018/04/24 21:30:18
cubanhackerpublished witness feed price: 3.272 SBD / 1.000 STEEM
2018/04/24 21:30:18
| publisher | cubanhacker |
| exchange rate | {"base":"3.272 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21857884/Trx 5df44d687cbd40f2a41a44c63ce7168544ec8874 |
View Raw JSON Data
{
"trx_id": "5df44d687cbd40f2a41a44c63ce7168544ec8874",
"block": 21857884,
"trx_in_block": 29,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-24T21:30:18",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.272 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.261 SBD / 1.000 STEEM2018/04/24 21:02:42
cubanhackerpublished witness feed price: 3.261 SBD / 1.000 STEEM
2018/04/24 21:02:42
| publisher | cubanhacker |
| exchange rate | {"base":"3.261 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21857334/Trx 284e7cc53bd6416b1b007a854c6f0689ece2e9b3 |
View Raw JSON Data
{
"trx_id": "284e7cc53bd6416b1b007a854c6f0689ece2e9b3",
"block": 21857334,
"trx_in_block": 5,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-24T21:02:42",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.261 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.228 SBD / 1.000 STEEM2018/04/24 19:30:12
cubanhackerpublished witness feed price: 3.228 SBD / 1.000 STEEM
2018/04/24 19:30:12
| publisher | cubanhacker |
| exchange rate | {"base":"3.228 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21855493/Trx dff82123d119d6ac3da053891ff1939a0acd6c29 |
View Raw JSON Data
{
"trx_id": "dff82123d119d6ac3da053891ff1939a0acd6c29",
"block": 21855493,
"trx_in_block": 31,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-24T19:30:12",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.228 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.241 SBD / 1.000 STEEM2018/04/24 19:03:12
cubanhackerpublished witness feed price: 3.241 SBD / 1.000 STEEM
2018/04/24 19:03:12
| publisher | cubanhacker |
| exchange rate | {"base":"3.241 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21854956/Trx 762cfc0190d6b098a7e5ac11478be1c5841c7ff9 |
View Raw JSON Data
{
"trx_id": "762cfc0190d6b098a7e5ac11478be1c5841c7ff9",
"block": 21854956,
"trx_in_block": 16,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-24T19:03:12",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.241 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.216 SBD / 1.000 STEEM2018/04/24 13:02:24
cubanhackerpublished witness feed price: 3.216 SBD / 1.000 STEEM
2018/04/24 13:02:24
| publisher | cubanhacker |
| exchange rate | {"base":"3.216 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21847783/Trx 5c3b66aeb144bd6aea0a0398891ce729e8f189ff |
View Raw JSON Data
{
"trx_id": "5c3b66aeb144bd6aea0a0398891ce729e8f189ff",
"block": 21847783,
"trx_in_block": 27,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-24T13:02:24",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.216 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.203 SBD / 1.000 STEEM2018/04/24 07:05:27
cubanhackerpublished witness feed price: 3.203 SBD / 1.000 STEEM
2018/04/24 07:05:27
| publisher | cubanhacker |
| exchange rate | {"base":"3.203 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21840668/Trx 195d956b47b7cf13b491719a34afce52088ff38b |
View Raw JSON Data
{
"trx_id": "195d956b47b7cf13b491719a34afce52088ff38b",
"block": 21840668,
"trx_in_block": 8,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-24T07:05:27",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.203 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.216 SBD / 1.000 STEEM2018/04/24 05:03:12
cubanhackerpublished witness feed price: 3.216 SBD / 1.000 STEEM
2018/04/24 05:03:12
| publisher | cubanhacker |
| exchange rate | {"base":"3.216 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21838236/Trx 272d8f754a78cf834b9938e03b1d81c113b87353 |
View Raw JSON Data
{
"trx_id": "272d8f754a78cf834b9938e03b1d81c113b87353",
"block": 21838236,
"trx_in_block": 35,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-24T05:03:12",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.216 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.098 SBD / 1.000 STEEM2018/04/23 17:00:06
cubanhackerpublished witness feed price: 3.098 SBD / 1.000 STEEM
2018/04/23 17:00:06
| publisher | cubanhacker |
| exchange rate | {"base":"3.098 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21824245/Trx 43374992107b6e91e377293fe5addc87601a18b6 |
View Raw JSON Data
{
"trx_id": "43374992107b6e91e377293fe5addc87601a18b6",
"block": 21824245,
"trx_in_block": 29,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-23T17:00:06",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.098 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.091 SBD / 1.000 STEEM2018/04/23 16:30:06
cubanhackerpublished witness feed price: 3.091 SBD / 1.000 STEEM
2018/04/23 16:30:06
| publisher | cubanhacker |
| exchange rate | {"base":"3.091 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21823684/Trx 1aed9e4d2cfa67a7c5b4eddb540bb3033cf2d52d |
View Raw JSON Data
{
"trx_id": "1aed9e4d2cfa67a7c5b4eddb540bb3033cf2d52d",
"block": 21823684,
"trx_in_block": 33,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-23T16:30:06",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.091 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.063 SBD / 1.000 STEEM2018/04/23 15:30:06
cubanhackerpublished witness feed price: 3.063 SBD / 1.000 STEEM
2018/04/23 15:30:06
| publisher | cubanhacker |
| exchange rate | {"base":"3.063 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21822484/Trx 00d412e1b975e0598e4119d480119834f7342876 |
View Raw JSON Data
{
"trx_id": "00d412e1b975e0598e4119d480119834f7342876",
"block": 21822484,
"trx_in_block": 16,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-23T15:30:06",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.063 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 3.064 SBD / 1.000 STEEM2018/04/23 15:02:06
cubanhackerpublished witness feed price: 3.064 SBD / 1.000 STEEM
2018/04/23 15:02:06
| publisher | cubanhacker |
| exchange rate | {"base":"3.064 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21821924/Trx c2128d936cbb929ca08c3eec2a2dc6bf6ac7ae41 |
View Raw JSON Data
{
"trx_id": "c2128d936cbb929ca08c3eec2a2dc6bf6ac7ae41",
"block": 21821924,
"trx_in_block": 17,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-23T15:02:06",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "3.064 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 2.950 SBD / 1.000 STEEM2018/04/23 07:00:06
cubanhackerpublished witness feed price: 2.950 SBD / 1.000 STEEM
2018/04/23 07:00:06
| publisher | cubanhacker |
| exchange rate | {"base":"2.950 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21812284/Trx f3216ef88b8f8f7c665cb52fefbbc6f63d9b4055 |
View Raw JSON Data
{
"trx_id": "f3216ef88b8f8f7c665cb52fefbbc6f63d9b4055",
"block": 21812284,
"trx_in_block": 16,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-23T07:00:06",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "2.950 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 2.926 SBD / 1.000 STEEM2018/04/23 06:30:06
cubanhackerpublished witness feed price: 2.926 SBD / 1.000 STEEM
2018/04/23 06:30:06
| publisher | cubanhacker |
| exchange rate | {"base":"2.926 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21811684/Trx 7a6c0838137c52b898a8f93bb95e2381cee57988 |
View Raw JSON Data
{
"trx_id": "7a6c0838137c52b898a8f93bb95e2381cee57988",
"block": 21811684,
"trx_in_block": 42,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-23T06:30:06",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "2.926 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 2.914 SBD / 1.000 STEEM2018/04/23 05:30:06
cubanhackerpublished witness feed price: 2.914 SBD / 1.000 STEEM
2018/04/23 05:30:06
| publisher | cubanhacker |
| exchange rate | {"base":"2.914 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21810484/Trx 3137967b4c14ec4344aec19935fa58e69a1d4ab8 |
View Raw JSON Data
{
"trx_id": "3137967b4c14ec4344aec19935fa58e69a1d4ab8",
"block": 21810484,
"trx_in_block": 66,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-23T05:30:06",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "2.914 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 2.913 SBD / 1.000 STEEM2018/04/23 05:02:06
cubanhackerpublished witness feed price: 2.913 SBD / 1.000 STEEM
2018/04/23 05:02:06
| publisher | cubanhacker |
| exchange rate | {"base":"2.913 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21809924/Trx f7232c236f084483e9bf177f3b9d0c824b5f7baf |
View Raw JSON Data
{
"trx_id": "f7232c236f084483e9bf177f3b9d0c824b5f7baf",
"block": 21809924,
"trx_in_block": 13,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-23T05:02:06",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "2.913 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 2.925 SBD / 1.000 STEEM2018/04/22 23:00:09
cubanhackerpublished witness feed price: 2.925 SBD / 1.000 STEEM
2018/04/22 23:00:09
| publisher | cubanhacker |
| exchange rate | {"base":"2.925 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21802686/Trx b01daf6f3f19d3f6f4c0d6503182f2356de5ccb8 |
View Raw JSON Data
{
"trx_id": "b01daf6f3f19d3f6f4c0d6503182f2356de5ccb8",
"block": 21802686,
"trx_in_block": 0,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-22T23:00:09",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "2.925 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 2.958 SBD / 1.000 STEEM2018/04/22 22:30:06
cubanhackerpublished witness feed price: 2.958 SBD / 1.000 STEEM
2018/04/22 22:30:06
| publisher | cubanhacker |
| exchange rate | {"base":"2.958 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21802085/Trx 99fc13624af15ecaf43b58e5a8c4fa319b98761e |
View Raw JSON Data
{
"trx_id": "99fc13624af15ecaf43b58e5a8c4fa319b98761e",
"block": 21802085,
"trx_in_block": 16,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-22T22:30:06",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "2.958 SBD",
"quote": "1.000 STEEM"
}
}
]
}cubanhackerpublished witness feed price: 2.931 SBD / 1.000 STEEM2018/04/22 21:30:06
cubanhackerpublished witness feed price: 2.931 SBD / 1.000 STEEM
2018/04/22 21:30:06
| publisher | cubanhacker |
| exchange rate | {"base":"2.931 SBD","quote":"1.000 STEEM"} |
| Transaction Info | Block #21800885/Trx 3ea4f8006ba21bd6164ed4c8e81a3282d8304002 |
View Raw JSON Data
{
"trx_id": "3ea4f8006ba21bd6164ed4c8e81a3282d8304002",
"block": 21800885,
"trx_in_block": 20,
"op_in_trx": 0,
"virtual_op": 0,
"timestamp": "2018-04-22T21:30:06",
"op": [
"feed_publish",
{
"publisher": "cubanhacker",
"exchange_rate": {
"base": "2.931 SBD",
"quote": "1.000 STEEM"
}
}
]
}Manabar
Voting Power100.00%
Downvote Power100.00%
Resource Credits100.00%
Reputation Progress40.18%
{
"voting_manabar": {
"current_mana": "143633490492",
"last_update_time": 1558660953
},
"downvote_manabar": {
"current_mana": 0,
"last_update_time": 1516661523
},
"rc_account": {
"account": "cubanhacker",
"max_rc": "148585535190",
"max_rc_creation_adjustment": {
"amount": "2020748973",
"nai": "@@000000037",
"precision": 6
},
"rc_manabar": {
"current_mana": 2637055098,
"last_update_time": 1558687662
}
}
}Account Metadata
| POSTING JSON METADATA | |
| profile | {"profile_image":"https://yt3.ggpht.com/-nkUu2gElTxw/AAAAAAAAAAI/AAAAAAAAAAA/rF7641StFQg/s288-mo-c-c0xffffffff-rj-k-no/photo.jpg","name":"Cubanhacker","about":"Cubano en Los Angeles, California. Technology geek in charge of an IT company, follow me on my daily client meetings and routine to gain a grasp the life of a","location":"los angeles,CA","website":"http://www.cubanhacker.com/","cover_image":"http://www.cubanhacker.com/images/ST%20Cover%202.jpg"} |
| JSON METADATA | |
| profile | {"profile_image":"https://yt3.ggpht.com/-nkUu2gElTxw/AAAAAAAAAAI/AAAAAAAAAAA/rF7641StFQg/s288-mo-c-c0xffffffff-rj-k-no/photo.jpg","name":"Cubanhacker","about":"Cubano en Los Angeles, California. Technology geek in charge of an IT company, follow me on my daily client meetings and routine to gain a grasp the life of a","location":"los angeles,CA","website":"http://www.cubanhacker.com/","cover_image":"http://www.cubanhacker.com/images/ST%20Cover%202.jpg"} |
{
"posting_json_metadata": {
"profile": {
"profile_image": "https://yt3.ggpht.com/-nkUu2gElTxw/AAAAAAAAAAI/AAAAAAAAAAA/rF7641StFQg/s288-mo-c-c0xffffffff-rj-k-no/photo.jpg",
"name": "Cubanhacker",
"about": "Cubano en Los Angeles, California. Technology geek in charge of an IT company, follow me on my daily client meetings and routine to gain a grasp the life of a",
"location": "los angeles,CA",
"website": "http://www.cubanhacker.com/",
"cover_image": "http://www.cubanhacker.com/images/ST%20Cover%202.jpg"
}
},
"json_metadata": {
"profile": {
"profile_image": "https://yt3.ggpht.com/-nkUu2gElTxw/AAAAAAAAAAI/AAAAAAAAAAA/rF7641StFQg/s288-mo-c-c0xffffffff-rj-k-no/photo.jpg",
"name": "Cubanhacker",
"about": "Cubano en Los Angeles, California. Technology geek in charge of an IT company, follow me on my daily client meetings and routine to gain a grasp the life of a",
"location": "los angeles,CA",
"website": "http://www.cubanhacker.com/",
"cover_image": "http://www.cubanhacker.com/images/ST%20Cover%202.jpg"
}
}
}Auth Keys
Owner
Single Signature
Public Keys
STM5dc9US7LpnePKLNKKmSdwGBUC4sHFgRXJJe83MqA5tD38cponc1/1
Active
Single Signature
Public Keys
STM7Y6iEcHb63TnKetcv3L1BsYaa5Xc8XBhFtfqjpVpqkMmhteTra1/1
Posting
Single Signature
Public Keys
STM8A1GD2bhNMHqPAhqe7gxfXpK4vUYsNXiKWRTRHxjT3ikLZBSpw1/1
Memo
STM8bf2m7gAUMPtx3WpKn7wuC5GihG6pVh4tCbHD1ZGgE34z7NKij
{
"owner": {
"account_auths": [],
"key_auths": [
[
"STM5dc9US7LpnePKLNKKmSdwGBUC4sHFgRXJJe83MqA5tD38cponc",
1
]
],
"weight_threshold": 1
},
"active": {
"account_auths": [],
"key_auths": [
[
"STM7Y6iEcHb63TnKetcv3L1BsYaa5Xc8XBhFtfqjpVpqkMmhteTra",
1
]
],
"weight_threshold": 1
},
"posting": {
"account_auths": [],
"key_auths": [
[
"STM8A1GD2bhNMHqPAhqe7gxfXpK4vUYsNXiKWRTRHxjT3ikLZBSpw",
1
]
],
"weight_threshold": 1
},
"memo": "STM8bf2m7gAUMPtx3WpKn7wuC5GihG6pVh4tCbHD1ZGgE34z7NKij"
}Witness Info
| id | 14692 |
| owner | cubanhacker |
| signing key | STM76R4kAWkXP2HADTjjgB5bqqVb4JxxGEtK9SCTMv7QRckCeGkYy |
| created | 2018-02-07T07:10:48 |
| url | https://steemit.com/witness-category/@cubanhacker/my-witness-thread |
| votes (SP) | 159,002,377,400.000 |
| virtual last update | 838993454085484152035035773 |
| virtual position | 222380936982601262218351480645663952898 |
| virtual scheduled time | 1580500794198976655732088256 |
| total missed | 1 |
| last aslot | 0 |
| last confirmed block num | 0 |
| running version | 0.0.0 |
| hardfork version vote | 0.0.0 |
| hardfork time vote | 2016-03-24T16:00:00 |
| available witness account subsidies | 0 |
| props | |
| account_creation_fee | 0.200 STEEM |
| maximum_block_size | 131,072 |
| account_subsidy_budget | 797 |
| account_subsidy_decay | 347321 |
| sbd_interest_rate | 0 |
| sbd_exchange_rate | |
| base | 3.002 SBD |
| quote | 1.000 STEEM |
| pow_worker | 0 |
| last_sbd_exchange_update | 2018-04-25T05:02:09 |
{
"available_witness_account_subsidies": 0,
"created": "2018-02-07T07:10:48",
"hardfork_time_vote": "2016-03-24T16:00:00",
"hardfork_version_vote": "0.0.0",
"id": 14692,
"last_aslot": 0,
"last_confirmed_block_num": 0,
"last_sbd_exchange_update": "2018-04-25T05:02:09",
"last_work": "0000000000000000000000000000000000000000000000000000000000000000",
"owner": "cubanhacker",
"pow_worker": 0,
"props": {
"account_creation_fee": "0.200 STEEM",
"account_subsidy_budget": 797,
"account_subsidy_decay": 347321,
"maximum_block_size": 131072,
"sbd_interest_rate": 0
},
"running_version": "0.0.0",
"sbd_exchange_rate": {
"base": "3.002 SBD",
"quote": "1.000 STEEM"
},
"signing_key": "STM76R4kAWkXP2HADTjjgB5bqqVb4JxxGEtK9SCTMv7QRckCeGkYy",
"total_missed": 1,
"url": "https://steemit.com/witness-category/@cubanhacker/my-witness-thread",
"virtual_last_update": "838993454085484152035035773",
"virtual_position": "222380936982601262218351480645663952898",
"virtual_scheduled_time": "1580500794198976655732088256",
"votes": "159002377400"
}Witness Votes
3 / 30
[ "blockbrothers", "cubanhacker", "jerrybanfield" ]