[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1236
  • Last Modified:

No VPN connectivity after Draytek Firmware upgrade

I have 1 main site (London) where the DC and Exchange server is and 1 satellite site (Colchester).
In each site the local network goes through a Sonicwall TZ 170 Standard Firewall which goes through a Draytek 2600 Plus.  A VPN connection is configured at the London Site to connect to Colchester.

A Firmware upgrade was performed on the Draytek router at Colchester.  SInce then Colchester cannot connect to the London site for authentication or email.  They do have Internet access though.

Both Sonicwall devices are advising various messages in the log:  IKE IKE negotiation aborted due to timeout, THEN > IKE Responder: Received Main Mode request (Phase 1) (from London)  THEN> IKE Responder: No response - remote party timeout THEN > Received packet retransmission. Drop duplicate packet (London)

Is there anything in thr Draytek which would block access to the VPN ie passtrhough as this is the only thing that has been changed?
0
RobWasho
Asked:
RobWasho
  • 6
  • 5
1 Solution
 
from_expCommented:
have you allowed vpn pass through on your draytek?
0
 
RobWashoAuthor Commented:
Is this in the Remote Access Control Setup?
The following options are ticked:
 Enable PPTP VPN Service  
 Enable IPSec VPN Service
 Enable L2TP VPN Service
 I have already tried deselecting these but still did not work.  I have also tried setting up the DMZ as the local Sonicwall IP in Advanced Setup > NAT Setup > DMZ Host Setup as suggested but still nothing...
0
 
from_expCommented:
you don't need services
take a look here http://www.support.draytek.co.uk/kb_vigor_passthrough.html
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
RobWashoAuthor Commented:
Agreed.  This is where I got the suggestion from.  I also created the rules but did not work...
0
 
RobWashoAuthor Commented:
In the Advanced Setup > VPN IKE / IPSec General Setup screen the following settings are made:
IKE Authentication Method: Blank

IPSec Security Method
Medium (AH) ticked

High (ESP)
DES    3DES    AES All 3 selected.

Should this be so?
0
 
from_expCommented:
can you fall back to the previous version?
and have you reconfigured that box from default or just upgraded with latest configuration?
0
 
from_expCommented:
if you have upgraded from previous configuration, may be it is good idea to reset box to default and configure features you want
0
 
RobWashoAuthor Commented:
Cannot fallback to earlier Firmware version.  Reconfigured it using a backup that was performed.  I will try restting the box now...thanks I will let you know how I get on
0
 
RobWashoAuthor Commented:
Still the same unfortunately.  There must be something on the Router that is blocking VPN Traffic.  Is there any port that Sonicwall uses that needs to be opened?
0
 
from_expCommented:
sonicwall is configured as vpn router, so everything should be fine by default.
0
 
RobWashoAuthor Commented:
Turns out the problem was due to the Firmware upgrade version.  Although VPN should be passed through (basically just a modem) this is not the case.  I had to update the VPN on SonicsWall to point to the public address of the Draytek Router rather than the public address of the Sonicwall Firewall.

Strange but worked.  Thanks for your help
0

Featured Post

Learn to develop an Android App

Want to increase your earning potential in 2018? Pad your resume with app building experience. Learn how with this hands-on course.

  • 6
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now