Link to home
Start Free TrialLog in
Avatar of RobWasho
RobWasho

asked on

No VPN connectivity after Draytek Firmware upgrade

I have 1 main site (London) where the DC and Exchange server is and 1 satellite site (Colchester).
In each site the local network goes through a Sonicwall TZ 170 Standard Firewall which goes through a Draytek 2600 Plus.  A VPN connection is configured at the London Site to connect to Colchester.

A Firmware upgrade was performed on the Draytek router at Colchester.  SInce then Colchester cannot connect to the London site for authentication or email.  They do have Internet access though.

Both Sonicwall devices are advising various messages in the log:  IKE IKE negotiation aborted due to timeout, THEN > IKE Responder: Received Main Mode request (Phase 1) (from London)  THEN> IKE Responder: No response - remote party timeout THEN > Received packet retransmission. Drop duplicate packet (London)

Is there anything in thr Draytek which would block access to the VPN ie passtrhough as this is the only thing that has been changed?
Avatar of from_exp
from_exp
Flag of Latvia image

have you allowed vpn pass through on your draytek?
Avatar of RobWasho
RobWasho

ASKER

Is this in the Remote Access Control Setup?
The following options are ticked:
 Enable PPTP VPN Service  
 Enable IPSec VPN Service
 Enable L2TP VPN Service
 I have already tried deselecting these but still did not work.  I have also tried setting up the DMZ as the local Sonicwall IP in Advanced Setup > NAT Setup > DMZ Host Setup as suggested but still nothing...
Agreed.  This is where I got the suggestion from.  I also created the rules but did not work...
In the Advanced Setup > VPN IKE / IPSec General Setup screen the following settings are made:
IKE Authentication Method: Blank

IPSec Security Method
Medium (AH) ticked

High (ESP)
DES    3DES    AES All 3 selected.

Should this be so?
can you fall back to the previous version?
and have you reconfigured that box from default or just upgraded with latest configuration?
if you have upgraded from previous configuration, may be it is good idea to reset box to default and configure features you want
Cannot fallback to earlier Firmware version.  Reconfigured it using a backup that was performed.  I will try restting the box now...thanks I will let you know how I get on
Still the same unfortunately.  There must be something on the Router that is blocking VPN Traffic.  Is there any port that Sonicwall uses that needs to be opened?
sonicwall is configured as vpn router, so everything should be fine by default.
ASKER CERTIFIED SOLUTION
Avatar of RobWasho
RobWasho

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial