• Status: Solved
  • Priority: Medium
  • Security: Public

Sonicwall problems

Hi

We were using a sonicwall pro 4060 until the power unit blew. We hastily replaced it with a sonicwall pro vz which we had spare and which we originally utilised before upgrading to the 4060. I am now in a strange situation. All vpn clients which were configured for the 4060 will work no problems on the vz; however, no new connections will work and the log output is as follows:

2007/11/28 13:04:49:411      Information      <local host>      The connection "test2" has been enabled.
2007/11/28 13:04:49:791      Information      62.173.92.98      Starting ISAKMP phase 1 negotiation.
2007/11/28 13:04:49:792      Information      62.173.92.98      Starting aggressive mode phase 1 exchange.
2007/11/28 13:04:49:831      Information      62.173.92.98      Received invalid ID information notify.
2007/11/28 13:04:49:832      Information      62.173.92.98      Re-evaluating ID info after notify message.
2007/11/28 13:04:49:911      Information      62.173.92.98      Sending phase 1 delete.
2007/11/28 13:04:51:202      Information      <local host>      The connection "tidal" has been enabled.
2007/11/28 13:04:51:572      Information      62.173.92.98      Starting ISAKMP phase 1 negotiation.
2007/11/28 13:04:51:772      Information      62.173.92.98      Starting aggressive mode phase 1 exchange.
2007/11/28 13:04:51:773      Information      62.173.92.98      NAT Detected: Local host is behind a NAT device.
2007/11/28 13:04:51:774      Information      62.173.92.98      The SA lifetime for phase 1 is 28800 seconds.
2007/11/28 13:04:51:775      Information      62.173.92.98      Phase 1 has completed.
2007/11/28 13:04:51:782      Information      62.173.92.98      Received XAuth request.
2007/11/28 13:04:51:932      Information      62.173.92.98      XAuth has requested a username but one has not yet been specified.
2007/11/28 13:04:51:933      Warning          62.173.92.98      Failed to process packet payloads.
2007/11/28 13:04:51:934      Warning          62.173.92.98      Failed to process mode configuration packet.
2007/11/28 13:04:51:935      Information      62.173.92.98      Sending phase 1 delete.
2007/11/28 13:04:51:936      Information      62.173.92.98      User authentication information is needed to complete the connection.
2007/11/28 13:04:54:073      Warning          62.173.92.98      The username/password dialog box was cancelled by the user. The connection will be disabled.

The last line is a cancelled command as I did not want to connect. The new connections are the exact same configuration as the functioning old connections from the 4060. I am perplexed as to why the old connections work and key exchange takes place, but new connections are failing the phase 1 even though the settings are identical.

Thanks

Asked by: jarretta

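An added example (not part of the original thread): a small Python script that splits a client log like the one in the question by connection and reports the last negotiation stage each attempt reached. It assumes attempts run one after another, so each line belongs to the most recently enabled connection; the stage names are labels chosen here.

```python
import re

# Excerpt of the client log from the question (columns separated by runs of spaces).
LOG = """\
2007/11/28 13:04:49:411      Information      <local host>      The connection "test2" has been enabled.
2007/11/28 13:04:49:792      Information      62.173.92.98      Starting aggressive mode phase 1 exchange.
2007/11/28 13:04:49:831      Information      62.173.92.98      Received invalid ID information notify.
2007/11/28 13:04:49:911      Information      62.173.92.98      Sending phase 1 delete.
2007/11/28 13:04:51:202      Information      <local host>      The connection "tidal" has been enabled.
2007/11/28 13:04:51:772      Information      62.173.92.98      Starting aggressive mode phase 1 exchange.
2007/11/28 13:04:51:775      Information      62.173.92.98      Phase 1 has completed.
2007/11/28 13:04:51:782      Information      62.173.92.98      Received XAuth request.
2007/11/28 13:04:54:073      Warning          62.173.92.98      The username/password dialog box was cancelled by the user. The connection will be disabled.
"""

LINE = re.compile(r"^(\S+ \S+)\s{2,}(\w+)\s{2,}(.+?)\s{2,}(.*)$")
ENABLED = re.compile(r'The connection "([^"]+)" has been enabled')
# Message fragments mapped to stage labels (labels are this example's own).
STAGES = [
    ("phase1_started", "phase 1 exchange"),
    ("phase1_rejected_invalid_id", "invalid ID information notify"),
    ("phase1_completed", "Phase 1 has completed"),
    ("xauth_requested", "Received XAuth request"),
    ("xauth_cancelled_by_user", "cancelled by the user"),
]

def triage(log_text):
    """Return {connection name: last negotiation stage seen}, in log order."""
    result, current = {}, None
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # skip blank or wrapped lines
        message = m.group(4)
        started = ENABLED.search(message)
        if started:
            current = started.group(1)  # a new attempt begins here
            result[current] = "enabled"
            continue
        for stage, marker in STAGES:
            if current is not None and marker in message:
                result[current] = stage
    return result

if __name__ == "__main__":
    for name, stage in triage(LOG).items():
        print(f"{name}: {stage}")
```

On the posted log this separates the two attempts: "test2" is rejected during phase 1 with the invalid ID notify, while "tidal" completes phase 1 and only stops at the XAuth prompt.
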
from_exp Commented:
Phase 1 means authentication; what auth methods do you use?
Do you have all user accounts transferred from the old box to the new one?

jarretta (Author) Commented:
Phase 1 is 3des & md5.
Phase 2 is esp 3des hmac md5.

Clients use xauth.

I redid some users. I recreated myself as a user and tested the old client connection and it worked no probs. However, if I create a secondary test connection then it is a no go with the listed log.

I did try different levels of authentication to see if this was an issue but the same problem exists.

from_exp Commented:
How have you transferred the configuration from the 4060 to the vz?
jarretta (Author) Commented:
Well, the config was not technically transferred. The pro4060 died completely and we were unable to export configs etc. The device was removed and the spare (from days before my time) was installed. The replacement picked up the configuration straight away, including all rules, one to one nats etc. The only thing missing was the vpn user accounts, which I recreated. The interface between the two devices is completely different; however, after recreating my account and another user's, the vpn client connected on the same connection as previously. However, any additional connections created or new users added will not work.

from_exp Commented:
Could it be some license limitations?

jarretta (Author) Commented:
Hmmm, possibly; however, I do not understand how the old connections would be allowed, yet if a new connection is made it is denied, unless the user credentials have been cached.

from_exp Commented:
If you have recreated users, how can they be cached?

jarretta (Author) Commented:
Well, I was thinking client caching. I am following up on the license thing; however, I am still a bit confused as to why one connection would work but not the other. It is the same user just making a different connection using the same details except renaming the connection.

jarretta (Author) Commented:
51 licences included with device. I have 5 users at the moment configured.

sabioit Commented:
Read this, it may give you some ideas:

www.sonicwall.com/downloads/GVC_Peer_is_Not_Responding_to_Phase_1_Requests.pdf

I can help you to reconfigure the settings in case any of the solutions in the link above doesn't work.

I personally don't like to restore sonicwall settings; I would rather recreate them even if there is a little more work to do.

In my experience, every time that I back up the settings in one sonicwall box and restore them in another, weird things start happening. When I recreate the settings manually, everything goes back to normal.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now