No VPN connectivity after Draytek Firmware upgrade

I have 1 main site (London) where the DC and Exchange server is and 1 satellite site (Colchester).
In each site the local network goes through a Sonicwall TZ 170 Standard Firewall which goes through a Draytek 2600 Plus.  A VPN connection is configured at the London Site to connect to Colchester.

A Firmware upgrade was performed on the Draytek router at Colchester.  SInce then Colchester cannot connect to the London site for authentication or email.  They do have Internet access though.

Both Sonicwall devices are advising various messages in the log:  IKE IKE negotiation aborted due to timeout, THEN > IKE Responder: Received Main Mode request (Phase 1) (from London)  THEN> IKE Responder: No response - remote party timeout THEN > Received packet retransmission. Drop duplicate packet (London)

Is there anything in thr Draytek which would block access to the VPN ie passtrhough as this is the only thing that has been changed?
RobWashoAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

from_expCommented:
have you allowed vpn pass through on your draytek?
0
RobWashoAuthor Commented:
Is this in the Remote Access Control Setup?
The following options are ticked:
 Enable PPTP VPN Service  
 Enable IPSec VPN Service
 Enable L2TP VPN Service
 I have already tried deselecting these but still did not work.  I have also tried setting up the DMZ as the local Sonicwall IP in Advanced Setup > NAT Setup > DMZ Host Setup as suggested but still nothing...
0
from_expCommented:
you don't need services
take a look here http://www.support.draytek.co.uk/kb_vigor_passthrough.html
0
Hey MSSPs! What's your total cost of ownership?

WEBINAR: Managed security service providers often deploy & manage products from a variety of solution vendors. But is this really the best approach when it comes to saving time AND money? Join us on Aug. 15th to learn how you can improve your total cost of ownership today!

RobWashoAuthor Commented:
Agreed.  This is where I got the suggestion from.  I also created the rules but did not work...
0
RobWashoAuthor Commented:
In the Advanced Setup > VPN IKE / IPSec General Setup screen the following settings are made:
IKE Authentication Method: Blank

IPSec Security Method
Medium (AH) ticked

High (ESP)
DES    3DES    AES All 3 selected.

Should this be so?
0
from_expCommented:
can you fall back to the previous version?
and have you reconfigured that box from default or just upgraded with latest configuration?
0
from_expCommented:
if you have upgraded from previous configuration, may be it is good idea to reset box to default and configure features you want
0
RobWashoAuthor Commented:
Cannot fallback to earlier Firmware version.  Reconfigured it using a backup that was performed.  I will try restting the box now...thanks I will let you know how I get on
0
RobWashoAuthor Commented:
Still the same unfortunately.  There must be something on the Router that is blocking VPN Traffic.  Is there any port that Sonicwall uses that needs to be opened?
0
from_expCommented:
sonicwall is configured as vpn router, so everything should be fine by default.
0
RobWashoAuthor Commented:
Turns out the problem was due to the Firmware upgrade version.  Although VPN should be passed through (basically just a modem) this is not the case.  I had to update the VPN on SonicsWall to point to the public address of the Draytek Router rather than the public address of the Sonicwall Firewall.

Strange but worked.  Thanks for your help
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.