Solved

Sonicwall tz170 x2 site to site vpn gateway issue

Posted on 2009-05-18
2
755 Views
Last Modified: 2013-11-16
I am having DNS issues with this VPN, the Portal is open, and traffic can flow correctly, the two networks are on different domains, i keep having to use full name resolution i.e. ts.domain1.local and not just ts, using windows VPN i can just use ts. i have set up forward lookup zones on each dns server but it doesnt make any difference.

 i also have a problem when connecting to our main site's company web, get the "unauthorised ip". but if i connect locally using windows VPN, all of these issues go away so it has something to do with the 2 sonicwalls.

i have this error popping up every now and then:
24      05/18/2009 11:45:39.736      IKE Responder: IPSec proposal does not match (Phase 2)      91.84.16.74      82.152.225.206      192.168.49.0/24 -> 192.168.50.0/24       
25      05/18/2009 11:45:39.736      IKE Responder: No match for proposed remote network address      91.84.16.74      82.152.225.206      192.168.49.0/24

Which is odd as the remote networks are set on both sides to 192.168.50.0 and 192.168.102.0, so i dont know why its trying .49 ?

CONFUSED!!

Thanks for help in advance

0
Comment
Question by:racphillips
2 Comments
 
LVL 17

Accepted Solution

by:
ccomley earned 500 total points
ID: 24419517
Your first problem is one of DNS config I suspect. What DNS server is the remote user using to look up "ts"? If it isn't YOUR dns server then it won't find it. I suspect the remote user will be using his ISP's DNS server. But as you found you can use the FQDN, then, that's your solution - it's what FQDNs are for. :-)

The second one - you probably have the Proposal parameters incorrect but without seeing them we can't tell - please type in the following for EACH SITE

Wan address
Gateway address
LAN range

Settings from "General" tab of VPN config
Settings from networks tab
Settings from Proposals tab

0
 

Author Closing Comment

by:racphillips
ID: 31582543
There were some old Static routes setup on the Sonicwall that i didnt see before, so ive sorted out the VPN issues, DNS is still strange and cant access one server, only on though, will give you points for that though, cheers,
0

Featured Post

Don't miss ATEN at NAB Show April 24-27!

Visit ATEN at NAB Show to learn how our "Seamlessly Entertaining" solutions deliver fast, precise video streaming without delays for the broadcasting and media environment. ATEN will showcase its 16x16 Modular Matrix Switch (VM1600) and KVM Over IP Solution (KE6900 series).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question