About IPsec subnet VPNs

Note: To configure VPNs, you need a Unified Threat Management license.

Typically, you use an IPsec subnet VPN to create a secure, encrypted tunnel between subnets, such as between two Smoothwall Filter and Firewall hardware appliance located at a head office and a branch. You create a separate connection for each road warrior on your network.

When creating a tunnel from the Smoothwall Filter and Firewall hardware appliance to another type of network device, we recommend that you select the following settings:

  • Encryption - AES
  • Authentication type - ESP
  • Hashing algorithm - SHA1
  • Diffie-Hellman Group - 14 (2048-bit modulus)
  • Perfect Forward Secrecy - Turned on
  • Compression - Turned on, unless predominant VPN traffic is already encrypted or compressed.