About IPsec subnet VPNs

Note: To configure VPNs, you need a Unified Threat Management license.

Typically, you use an IPsec subnet VPN to create a secure, encrypted tunnel between subnets, such as between two Smoothwall Filter and Firewall hardware appliance located at a head office and a branch. You create a separate connection for each road warrior on your network.

When creating a tunnel from the Smoothwall Filter and Firewall hardware appliance to another type of network device, we recommend that you select the following settings:

• Encryption - AES
• Authentication type - ESP
• Hashing algorithm - SHA1
• Diffie-Hellman Group - 14 (2048-bit modulus)
• Perfect Forward Secrecy - Turned on
• Compression - Turned on, unless predominant VPN traffic is already encrypted or compressed.