Sonicwall tz170 x2 site to site vpn gateway issue

I am having DNS issues with this VPN, the Portal is open, and traffic can flow correctly, the two networks are on different domains, i keep having to use full name resolution i.e. ts.domain1.local and not just ts, using windows VPN i can just use ts. i have set up forward lookup zones on each dns server but it doesnt make any difference.

 i also have a problem when connecting to our main site's company web, get the "unauthorised ip". but if i connect locally using windows VPN, all of these issues go away so it has something to do with the 2 sonicwalls.

i have this error popping up every now and then:
24      05/18/2009 11:45:39.736      IKE Responder: IPSec proposal does not match (Phase 2)      91.84.16.74      82.152.225.206      192.168.49.0/24 -> 192.168.50.0/24       
25      05/18/2009 11:45:39.736      IKE Responder: No match for proposed remote network address      91.84.16.74      82.152.225.206      192.168.49.0/24

Which is odd as the remote networks are set on both sides to 192.168.50.0 and 192.168.102.0, so i dont know why its trying .49 ?

CONFUSED!!

Thanks for help in advance

racphillipsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ccomleyCommented:
Your first problem is one of DNS config I suspect. What DNS server is the remote user using to look up "ts"? If it isn't YOUR dns server then it won't find it. I suspect the remote user will be using his ISP's DNS server. But as you found you can use the FQDN, then, that's your solution - it's what FQDNs are for. :-)

The second one - you probably have the Proposal parameters incorrect but without seeing them we can't tell - please type in the following for EACH SITE

Wan address
Gateway address
LAN range

Settings from "General" tab of VPN config
Settings from networks tab
Settings from Proposals tab

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
racphillipsAuthor Commented:
There were some old Static routes setup on the Sonicwall that i didnt see before, so ive sorted out the VPN issues, DNS is still strange and cant access one server, only on though, will give you points for that though, cheers,
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.