Solved

Sonicwall problems

Posted on 2007-11-28
11
4,014 Views
Last Modified: 2009-01-11
Hi

We were using a sonicwall pro 4060 untill the power unit blew. We hastily replaced with a sonicwall pro vz which we had spare and which we originally utilised before upgrading to the 4060. I am now in a strange situation. All vpn clients which were configured for the 4060 will work no problems on the vz however no new connections will work and the log output is as follows

2007/11/28 13:04:49:411      Information      <local host>      The connection "test2" has been enabled.
2007/11/28 13:04:49:791      Information      62.173.92.98      Starting ISAKMP phase 1 negotiation.
2007/11/28 13:04:49:792      Information      62.173.92.98      Starting aggressive mode phase 1 exchange.
2007/11/28 13:04:49:831      Information      62.173.92.98      Received invalid ID information notify.
2007/11/28 13:04:49:832      Information      62.173.92.98      Re-evaluating ID info after notify message.
2007/11/28 13:04:49:911      Information      62.173.92.98      Sending phase 1 delete.
2007/11/28 13:04:51:202      Information      <local host>      The connection "tidal" has been enabled.
2007/11/28 13:04:51:572      Information      62.173.92.98      Starting ISAKMP phase 1 negotiation.
2007/11/28 13:04:51:772      Information      62.173.92.98      Starting aggressive mode phase 1 exchange.
2007/11/28 13:04:51:773      Information      62.173.92.98      NAT Detected: Local host is behind a NAT device.
2007/11/28 13:04:51:774      Information      62.173.92.98      The SA lifetime for phase 1 is 28800 seconds.
2007/11/28 13:04:51:775      Information      62.173.92.98      Phase 1 has completed.
2007/11/28 13:04:51:782      Information      62.173.92.98      Received XAuth request.
2007/11/28 13:04:51:932      Information      62.173.92.98      XAuth has requested a username but one has not yet been specified.
2007/11/28 13:04:51:933      Warning          62.173.92.98      Failed to process packet payloads.
2007/11/28 13:04:51:934      Warning          62.173.92.98      Failed to process mode configuration packet.
2007/11/28 13:04:51:935      Information      62.173.92.98      Sending phase 1 delete.
2007/11/28 13:04:51:936      Information      62.173.92.98      User authentication information is needed to complete the connection.
2007/11/28 13:04:54:073      Warning          62.173.92.98      The username/password dialog box was cancelled by the user. The connection will be disabled.

The lst line is a cancelled command as i did not want to connect. The new connections are he exact same configuration as the functioning old connections from the 4060. I am perplexed as to why the old connections work and key exchange takes place, but new connections are failing the phase 1 even though the settings are identical.

Thanks
0
Comment
Question by:jarretta
  • 5
  • 4
11 Comments
 
LVL 21

Expert Comment

by:from_exp
Comment Utility
phase 1 means authentication, what auth methods do you use.
do you have all user accounts transfered from old box to the new one?
0
 

Author Comment

by:jarretta
Comment Utility
phase 1 is 3des&md5
phase 2 esp 3des hmac md5.

Cleints use xauth

I redid some users. i recreated myself as auser and tested the old client connection and it worked no probs. However if i create a secondary test connection then it is a no go with the listed log.

I did try different levels of authetication to see if this was an issue but same problem exists.
0
 
LVL 21

Expert Comment

by:from_exp
Comment Utility
how have you transfered configuration from 4060 to vz?
0
 

Author Comment

by:jarretta
Comment Utility
Well, the config was not technically transferred. The pro4060 died completly and we were unable to export configs etc. The device was removed and the spare (from days before my time) was installed. The replacemnt picked up the configuration straight away including all rules, one to one nats etc etc. the only thing missing was the vpn user accounts which i recreated. The interface between the two devices is completly different however after recreating my account and another users, the vpn client connected on the same connection as previously. However any additional conenctions created or new users added will not work.
0
 
LVL 21

Expert Comment

by:from_exp
Comment Utility
could it be some license limitations?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:jarretta
Comment Utility
Hmmm, possibly, however I do not understand how the old connections would be allowed, yet if a new connection is made it is denied. unless the user credentials have been cached.

0
 
LVL 21

Expert Comment

by:from_exp
Comment Utility
if you have recreated users, how can they be cached?
0
 

Author Comment

by:jarretta
Comment Utility
well was thinking client caching. I am following up on The license thing however still a bit confused as to why one connection would work but not the other. It is the same user just making a different connection usin same details except renaming the connection.
0
 

Author Comment

by:jarretta
Comment Utility
51 licences included with device. I have 5 users at the moment configured.
0
 
LVL 6

Accepted Solution

by:
sabioit earned 500 total points
Comment Utility
Read this it may give you some ideas


www.sonicwall.com/downloads/GVC_Peer_is_Not_Responding_to_Phase_1_Requests.pdf

I can help you to reconfigured the settings in case that any of the solutions of the link above doesn't work


I personally don't like to restore sonicwall settings I rather recreate them even if there is a little more work to do

by my experience everytime that i backup the settings in one sonicwall box and restore them in other

wear things start happening

I recreate the settings manually everything goes back to normal
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

For a while, I have wanted to connect my HTC Incredible to my corporate network to take advantage of the phone's powerful capabilities. I searched online and came up with varied answers from "it won't work" to super complicated statements that I did…
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now