Sonicwall Lan-to-Lan

Sonicwall Lan-to-Lan
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?
 comp.dcom.vpn  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
Sonicwall Lan-to-Lan barkingmadscot 02-21-2006
Posted by barkingmadscot on February 21, 2006, 11:13 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Hi all,

Thanks in advance

I am have a problem with a IKE connection between sonicwalls, i can
only ping (by IP) from the IKE Initiator, DNS/WINS doesn't work.

this is the log from the Initiator. (Dymanic IP)

02/21/2006 16:05:07.848 Starting IKE negotiation 80.5.132.14
213.107.169.56
02/21/2006 16:05:07.848 IKE Initiator: Aggressive Mode Phase 1 Done

02/21/2006 16:05:07.848 IKE Initiator: Begin Phase 2
02/21/2006 16:05:07.896 IKE negotiation complete. Adding IPSec SA.
Phase 2 Done

this is the log from the Responder. (Static IP)

02/21/2006 16:05:07.848 Starting IKE negotiation 80.5.132.14
213.107.169.56
02/21/2006 16:05:07.848 IKE Initiator: Aggressive Mode Phase 1 Done

02/21/2006 16:05:07.848 IKE Initiator: Begin Phase 2
02/21/2006 16:05:07.896 IKE negotiation complete. Adding IPSec SA.
Phase 2 Done 80.5.132.14 213.107.169.56 lifeSeconds=28770 remote range:
(192.168.70.1 - 192.168.70.254).

This is the setting used for the IKE connection

Phase 1 DH Group Group 1
SA Life time (secs) 28800
Phase 1 Encryption/Authentication DES & MD5
Phase 2 Encryption/Authentication Encrypt and Authenticate (ESP DES
HMAC MD5)

In the advanced section i have on the Initiator the following selected

Use Aggressive Mode
Enable Keep Alive
Enable Windows Networking (NetBIOS) broadcast
Apply NAT and firewall rules
Forward packets to remote VPNs

On the Responder i have the following selected

Enable Windows Networking (NetBIOS) broadcast
Forward packets to remote VPNs.

If i deselect Apply NAT and firewall rules on Initator, nothing works

Any help in getting the VPN tunnel working correctly with DNS/WINS
would be great

Cheers


home networking made easy, greater protection, less stress, introducing nm 5.0, 728x90
Posted by snertking on February 21, 2006, 6:44 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
barkingmadscot wrote:

> Hi all,
>
> Thanks in advance
>
> I am have a problem with a IKE connection between sonicwalls, i can
> only ping (by IP) from the IKE Initiator, DNS/WINS doesn't work.
>
> this is the log from the Initiator. (Dymanic IP)
>
> 02/21/2006 16:05:07.848 Starting IKE negotiation 80.5.132.14
> 213.107.169.56
> 02/21/2006 16:05:07.848 IKE Initiator: Aggressive Mode Phase 1 Done
>
> 02/21/2006 16:05:07.848 IKE Initiator: Begin Phase 2
> 02/21/2006 16:05:07.896 IKE negotiation complete. Adding IPSec SA.
> Phase 2 Done
>
> this is the log from the Responder. (Static IP)
>
> 02/21/2006 16:05:07.848 Starting IKE negotiation 80.5.132.14
> 213.107.169.56
> 02/21/2006 16:05:07.848 IKE Initiator: Aggressive Mode Phase 1 Done
>
> 02/21/2006 16:05:07.848 IKE Initiator: Begin Phase 2
> 02/21/2006 16:05:07.896 IKE negotiation complete. Adding IPSec SA.
> Phase 2 Done 80.5.132.14 213.107.169.56 lifeSeconds=28770 remote range:
> (192.168.70.1 - 192.168.70.254).
>
> This is the setting used for the IKE connection
>
> Phase 1 DH Group Group 1
> SA Life time (secs) 28800
> Phase 1 Encryption/Authentication DES & MD5
> Phase 2 Encryption/Authentication Encrypt and Authenticate (ESP DES
> HMAC MD5)
>
> In the advanced section i have on the Initiator the following selected
>
> Use Aggressive Mode
> Enable Keep Alive
> Enable Windows Networking (NetBIOS) broadcast
> Apply NAT and firewall rules
> Forward packets to remote VPNs
>
> On the Responder i have the following selected
>
> Enable Windows Networking (NetBIOS) broadcast
> Forward packets to remote VPNs.
>
> If i deselect Apply NAT and firewall rules on Initator, nothing works
>
> Any help in getting the VPN tunnel working correctly with DNS/WINS
> would be great
>
> Cheers
>
you need to have the boxes on both ends of the tunnel using the samd dns
and wins servers.

That is the cause of your problem. Not the VPN itself.


Posted by barkingmadscot on February 22, 2006, 3:02 am
If you were  Registered and logged in, you could reply and use other advanced thread options
I have checked the DNS, both site have the same ISP and are using the
same ISP DNS server. On the Static i am not using the DHCP server on
the sonicwall. On the Dymanic one i am using the DHCP Server. I have
set to DNS and WINS to the DC on the other site using the internal
address.


Similar ThreadsPosted
SonicWall VPN and XP January 20, 2007, 1:22 pm
Sonicwall VPN - Windows XP August 22, 2005, 8:35 am
VPN between Astaro 6.0 and Sonicwall 4060 December 14, 2005, 10:13 pm
L2TP VPN with Sonicwall TZ170 June 17, 2006, 11:11 pm
Sonicwall to Linksys bfvp41 October 1, 2006, 7:18 pm
SonicWall VPN says Fragmented Packet Dropped October 31, 2006, 6:44 pm
Safenet/Sonicwall client to Symantec 360R April 14, 2005, 12:46 am
SonicWall SOHO with Netgear Prosafe Clients? January 6, 2007, 10:41 pm
Sonicwall - The peer is not responding to phase 1 ISAKMP requests February 22, 2005, 11:09 am
Sonicwall Site to Site VPNand Active Directory March 24, 2005, 11:42 am

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map