Solved

Sonicwall tz170 x2 site to site vpn gateway issue

Posted on 2009-05-18
2
725 Views
Last Modified: 2013-11-16
I am having DNS issues with this VPN, the Portal is open, and traffic can flow correctly, the two networks are on different domains, i keep having to use full name resolution i.e. ts.domain1.local and not just ts, using windows VPN i can just use ts. i have set up forward lookup zones on each dns server but it doesnt make any difference.

 i also have a problem when connecting to our main site's company web, get the "unauthorised ip". but if i connect locally using windows VPN, all of these issues go away so it has something to do with the 2 sonicwalls.

i have this error popping up every now and then:
24      05/18/2009 11:45:39.736      IKE Responder: IPSec proposal does not match (Phase 2)      91.84.16.74      82.152.225.206      192.168.49.0/24 -> 192.168.50.0/24       
25      05/18/2009 11:45:39.736      IKE Responder: No match for proposed remote network address      91.84.16.74      82.152.225.206      192.168.49.0/24

Which is odd as the remote networks are set on both sides to 192.168.50.0 and 192.168.102.0, so i dont know why its trying .49 ?

CONFUSED!!

Thanks for help in advance

0
Comment
Question by:racphillips
2 Comments
 
LVL 16

Accepted Solution

by:
ccomley earned 500 total points
ID: 24419517
Your first problem is one of DNS config I suspect. What DNS server is the remote user using to look up "ts"? If it isn't YOUR dns server then it won't find it. I suspect the remote user will be using his ISP's DNS server. But as you found you can use the FQDN, then, that's your solution - it's what FQDNs are for. :-)

The second one - you probably have the Proposal parameters incorrect but without seeing them we can't tell - please type in the following for EACH SITE

Wan address
Gateway address
LAN range

Settings from "General" tab of VPN config
Settings from networks tab
Settings from Proposals tab

0
 

Author Closing Comment

by:racphillips
ID: 31582543
There were some old Static routes setup on the Sonicwall that i didnt see before, so ive sorted out the VPN issues, DNS is still strange and cant access one server, only on though, will give you points for that though, cheers,
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now