[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Site to Site with TZ215

Posted on 2013-01-21
1
Medium Priority
?
724 Views
Last Modified: 2013-01-23
HI

I have create a site-to-site VPN wit two SonicWall TZ215. The problem I have is that the tunnel is not going up. I have followed all the steps and revised them but the problem is still the same.

What should I do or check to fix my problem?

Thanks

J-P
0
Comment
Question by:jpmoreau
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 13

Accepted Solution

by:
Ugo Mena earned 2000 total points
ID: 38802426
You use the VPN Policy Wizard to create the site-to-site VPN policy.

    On the System>Status page, click on Wizards.

    In the Welcome to the SonicWALL Configuration Wizard page select VPN Wizard and click Next.

    In the VPN Policy Type page, select Site-to-Site and click Next.

    In the Create Site-to-Site Policy page, enter the following information:

    Policy Name: Enter a name you can use to refer to the policy. For example, Boston Office.

    Preshared Key: Enter a character string to use to authenticate traffic during IKE Phase 1 negotiation. You can use the default SonicWALL generated Preshared Key.
   
 I know my Remote Peer IP Address (or FQDN): If you check this option, this SonicWALL can initiate the contact with the named remote peer. If you do not check this option, the peer must initiate contact to create a VPN tunnel. This device will use aggressive mode for IKE negotiation. For this example, leave the option unchecked.
   
Remote Peer IP Address (or FQDN): If you checked the option above, enter the IP address or Fully Qualified Domain Name (FQDN) of the remote peer (For example, boston.yourcompany.com).

    Click Next.

    In the Network Selection page, select the local and destination resources this VPN will be connecting:

    Local Networks: Select the local network resources protected by this SonicWALL that you are connecting with this VPN. You can select any address object or group on the device, including networks, subnets, individual servers, and interface IP addresses. If the object or group you want has not been created yet, select Create Object or Create Group. Create the new object or group in the dialog box that pops up. Then select the new object or group. For this example, select LAN Subnets.
   
Destination Networks: Select the network resources on the destination end of the VPN Tunnel. If the object or group does not exist, select Create new Address Object or Create new Address Group.

    For example:

    Select Create new Address Group.

    In the Name field, enter LAN Group.

    In the list on the left, select LAN Subnets and click the -> button.

    Click OK to create the group and return to the Network Selection page.

    In the Destination Networks field, select the newly created group.

    Click Next.

    In the IKE Security Settings page, select the security settings for IKE Phase 2 negotiations and for the VPN tunnel. You can use the default settings.

    DH Group: The Diffie-Hellman (DH) group are the group of numbers used to create the key pair. Each subsequent group uses larger numbers to start with. You can choose Group 1, Group 2, or Group 5. The VPN Uses this during IKE negotiation to create the key pair.

    Encryption: This is the method for encrypting data through the VPN Tunnel. The methods are listed in order of security. DES is the least secure and the and takes the least amount of time to encrypt and decrypt. AES-256 is the most secure and takes the longest time to encrypt and decrypt. You can choose. DES, 3DES, AES-128, or AES-256. The VPN uses this for all data through the tunnel

    Authentication: This is the hashing method used to authenticate the key, once it is exchanged during IKE negotiation. You can choose MD5 or SHA-1.

    Life Time (seconds): This is the length of time the VPN tunnel stays open before needing to re-authenticate. The default is eight hours (28800).

    The Configuration Summary page details the settings that will be pushed to the security appliance when you apply the configuration.

    Click Apply to create the VPN.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question