Posted on 2005-04-28
Medium Priority
Last Modified: 2013-11-16
Hello everyone,

I am trying to establish a site-to-site VPN between a PIX515E and a SONICWALL firewall. I was able to establish a site-to-site VPN between two PIX firewalls, but I am not able to do this when it's between a PIX and a SONICWALL. To guide me in this, I have used the document available on the SonicWall website, but still no use. If anyone has attempted this before or has expertise in this, please help. In addition, if anyone can help by giving some hints on troubleshooting VPN connection issues between PIX and SONICWALL, I would be grateful.

Question by:GEMINI-INDIA

Expert Comment

ID: 13899004
Troubleshooting tools on the PIX side:

 sho cry is sa
 sho cry ip sa
 debug cry isa

Check to see if Perfect Forward Secrecy is enabled on the Sonicwall. The PIX does not enable it by default, but many other firewalls do. If so, just un-check it on the Sonicwall.
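As an added example (not part of the original thread), the sketch below reads pasted `sho cry is sa` output and maps each peer's ISAKMP state to the next thing to check. The column layout is assumed to be the PIX 6.x-style `dst / src / state / pending / created` table, the sample output is constructed using documentation addresses, and the hints are general troubleshooting guidance rather than anything stated by the posters.

```python
import re

# ISAKMP states printed by "show crypto isakmp sa", with the usual next check.
STATE_HINTS = {
    "MM_NO_STATE": "Phase 1 not negotiated: check peer reachability (UDP 500) and matching ISAKMP policies",
    "MM_SA_SETUP": "Phase 1 policy agreed, key exchange not finished yet",
    "MM_KEY_EXCH": "keys exchanged but peer not authenticated: compare the pre-shared key on both ends",
    "MM_KEY_AUTH": "Phase 1 authenticated, should move on to QM_IDLE",
    "QM_IDLE": "Phase 1 is up: if traffic still fails, compare Phase 2 (transform set, PFS, protected networks)",
}

# Assumed row layout: dst, src, state, pending, created.
ROW = re.compile(
    r"^\s*(\d+\.\d+\.\d+\.\d+)\s+(\d+\.\d+\.\d+\.\d+)\s+([A-Z_]+)\s+(\d+)\s+(\d+)\s*$"
)

def parse_isakmp_sa(text):
    """Return one dict per SA row found in the command output."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            dst, src, state, pending, created = m.groups()
            rows.append({"dst": dst, "src": src, "state": state,
                         "pending": int(pending), "created": int(created)})
    return rows

def diagnose(text, peer):
    """Return (state, hint) for the SA involving `peer`, or (None, hint) if absent."""
    for sa in parse_isakmp_sa(text):
        if peer in (sa["dst"], sa["src"]):
            hint = STATE_HINTS.get(sa["state"], "unrecognised state: capture 'debug cry isa' output")
            return sa["state"], hint
    return None, "no ISAKMP SA listed: check the configured peer address and that matching traffic is sent"

# Constructed sample output (RFC 5737 documentation addresses, not from the thread).
SAMPLE = """\
Total     : 2
Embryonic : 1
        dst               src        state     pending     created
  198.51.100.10       192.0.2.1    QM_IDLE         0           1
   203.0.113.7        192.0.2.1    MM_NO_STATE     0           0
"""

if __name__ == "__main__":
    for peer in ("198.51.100.10", "203.0.113.7", "203.0.113.99"):
        print(peer, *diagnose(SAMPLE, peer), sep=" | ")
```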


Author Comment

ID: 13907137
Thanks for the response. I checked SONIC, PFS is disabled there too.

Expert Comment

ID: 13915426
If the interoperability does not work, try this out.

I have tried this between a PIX 515E (located in Europe) and a SonicWall 2040 (located in the Middle East, where we are located) and it worked.

1) Have an internal server mapped to an external address as the VPN server.
2) Get the public address/gateway address of the external firewall/router.
3) On the SonicWall, create a rule that allows inbound connections through PPTP, i.e. port number 1723 (TCP), only from that public address to the VPN server.
4) Activate the connection (which is self in SonicWall) and try to connect to the VPN server.

N.B. You need not have a separate server for this. You can use your file and print server as the VPN server.

With regards to interoperability, I will try to sort this issue out.


Author Comment

ID: 13915961
I am not using PPTP. The PIX and Sonic should act as the VPN server allowing IPsec/IKE.

Author Comment

ID: 13942621
Hello all,

I sorted out the problem. The issue was in the advanced settings screen of the Sonic: they had entered my PIX external interface IP address as the gateway. Actually it should be and nothing else, i.e. no settings have to be changed in the advanced settings screen of the SonicWall VPN configuration.

Expert Comment

ID: 13943922
Good work! Sorry we couldn't have been more help. You can post a Q in community support and ask a moderator to PAQ this question since you answered it yourself.

Thanks for the follow up.

Accepted Solution

DarthMod earned 0 total points
ID: 15940177
PAQed with points (150) refunded

Community Support Moderator

Question has a verified solution.
