ALERT: Datto Drive Cloud service will no longer be available as of July 1, 2019. For more information, see our end-of-life article. If you'd like to migrate your data to Datto Workplace, see our migration guide.
To learn how to download your Datto Drive Cloud data, please visit this article.

Datto Networking Appliance (DNA): How do I configure my firewall for compatibility with Site-to-Site VPN on the Datto DNA?



How do I configure my firewall for compatibility with the Datto Networking Appliance's Site-to-Site VPN feature?


  • Datto Networking Appliance (DNA)
  • Site-to-Site VPN


Use the following settings to configure your firewall. The examples shown use a Sonicwall device; certain settings may be named differently or appear in different areas of the UI depending on the brand of device used in your environment.


  • Policy Type: Select Site to Site
  • Authentication Method: Select IKE using Preshared Secret
  • Name: Use the internal IP address of the DNA
  • IPsec Primary Gateway Name or Address: Enter the primary gateway name or address used in your environment
  • Shared SecretEnter the IKE Authentication Shared Secret key
  • Local IKE ID Peer IKE ID: Enter the address scheme and IDs for both values

Figure 1: General settings as shown on a Sonicwall router

Figure 2: Network settings as shown on a Sonicwall router


  • IKE (Phase 1)
    • Exchange: Main Mode
    • DH Group: Group 14
    • Encryption: AES-128
    • Authentication: SHA1
    • Life Time (seconds): 28800

  • IPsec (Phase 2)
    • Protocol: ESP
    • Encryption: AES-128
    • Authentication: SHA1 - enable Perfect Forward Secrecy
    • DH Group: Group 14
    • Lifetime (seconds): 28800

Figure 3: Proposals settings as shown on a Sonicwall router


  • Keep Alive: Enabled
  • VPN Policy bound to: Select Interface X2.

Figure 4: Advanced settings as shown on a Sonicwall router


Additional Resources

Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Want to talk about it? Have a feature request?

Head on over to our Community Forum or get live help.