About IPsec subnet VPNs
Note: To configure VPNs, you need a Unified Threat Management license.
Typically, you use an IPsec subnet VPN to create a secure, encrypted tunnel between subnets, such as between two Smoothwall Filter and Firewall hardware appliance located at a head office and a branch. You create a separate connection for each road warrior on your network.
When creating a tunnel from the Smoothwall Filter and Firewall hardware appliance to another type of network device, we recommend that you select the following settings:
- Encryption - AES
- Authentication type - ESP
- Hashing algorithm - SHA1
- Diffie-Hellman Group - 14 (2048-bit modulus)
- Perfect Forward Secrecy - Turned on
- Compression - Turned on, unless predominant VPN traffic is already encrypted or compressed.