JamesonJendreas
asked on
Sonicwall Site-to-Site VPN - Phase II - IPSec Received notify: INVALID_ID_INFO
Hello,
I'm working on setting up a Site-to-Site VPN between 2 Sonicwall Firewalls running Enhanced OS. I've done this a ton of times, and have even ran into this issue before, but can't remember how I solved this previously. We are using Main Mode, with static WAN IPs on both ends.
Using the unique Firewall identifier as the peer/local IKE ID. Using pre-share key. Pretty much everything else is set as default (Keep Alive and NetBIOS is also turned on).
Phase 2 is set to ESP, 3DES, SHA1, LT 28800 on both units
After setting up the VPN, during Phase II we get a "Received notify: INVALID_ID_INFO"
From what I remember and have read, this is usually due to the networks tabs not lining up properly.
For local network, I am choosing the X0 interface as my network, which is a 192.168.x.x /24 on both sides.
For remote, I created an address object with the other sites subnet, and added this to the VPN interface.
Any suggestions?
I'm working on setting up a Site-to-Site VPN between 2 Sonicwall Firewalls running Enhanced OS. I've done this a ton of times, and have even ran into this issue before, but can't remember how I solved this previously. We are using Main Mode, with static WAN IPs on both ends.
Using the unique Firewall identifier as the peer/local IKE ID. Using pre-share key. Pretty much everything else is set as default (Keep Alive and NetBIOS is also turned on).
Phase 2 is set to ESP, 3DES, SHA1, LT 28800 on both units
After setting up the VPN, during Phase II we get a "Received notify: INVALID_ID_INFO"
From what I remember and have read, this is usually due to the networks tabs not lining up properly.
For local network, I am choosing the X0 interface as my network, which is a 192.168.x.x /24 on both sides.
For remote, I created an address object with the other sites subnet, and added this to the VPN interface.
Any suggestions?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.