Sonicwall vpn issue - unable to connect after relocation

Posted on 2013-01-23
Last Modified: 2013-01-26

We have moved a decommissioned network which had a working vpn on an old Sonicwall TZ190 which was behind an sdsl vigor 3300 router.

The vpn setup was an IKE auth with a shared secret key and the clients connected to the vpn using the GVC from Sonicwall to the public ip of the draytek router.

The draytek router was set to open and forward all ports to the Sonicwall.

We moved the network and had to change from SDSL to ADSL due to poor connection stats from the  ISP.

The replacement router is a Draytek again 2850 VDSL/ADSL in ADSL mode, the ADSL is up and port forwards are set to the Sonicwall. But the vpn will no longer connect.

The client log reports failure to negotiate ISAKMP phase 1 and also the error "failed to find mac address in system interface table"

The public Ip is right and the only change has been the router, so is this something to do with vpn passthrough or am I missing something. Nat traversal is ticked on at the Sonicwall and interestingly there are no packets logged on the Sonicwall for IKE auth, or VPN connection attempts.

Desperate for help, max points to be awarded for bang on answer

Many thanks
Question by:Veerleft
LVL 20

Assisted Solution

carlmd earned 250 total points
ID: 38814215
I would connect a laptop to your side of the router (Sonicwall WAN) and attempt to connect the VPN. If it works you have proved it is the router. If not, then it is a Sonicwall issue.

You say "old", so does the version of the VPN client match that for the Sonicwall? Are you using the same one that used to work?
LVL 26

Accepted Solution

Fred Marshall earned 250 total points
ID: 38815121
Of course, the trick here is first to focus on the *changes*.
You've described a lot of stuff but it's hard to separate out what changed and what did not change.  It's not nearly as useful to hear what was working and did not change vs. what was working but *did* change.

So, might I humbly suggest a list of what changed .. only.  That's not entirely clear to me and we should not be guessing.
Just for starters.

On another note, I find it very useful to be "at both ends" of the VPN when setting it up.  When they're new it's sometimes possible to have them in the same room/lab with a couple of laptops or desktops and get the VPN up and running before deployment.
But, of course, that's often not possible.
So, you should have a workstation at each end and be able to remote into them.
Then you can look at VPN logs, etc. to see how things change and you can work on it until it's working.  Part of that is having access to the router settings at the same time.
If you're remoted in you might want to make sure you don't "cut off the branch you're sitting on" and disconnect your remote connection(s).

Author Comment

ID: 38822963
Hi Guys,

carlmd and fmarshall, thank you for your posts, I managed to solve it in the end. The important thing was the changes in that the problem was with the router being changed. The line the vpn worked on before was an SDSL line which had to be changed at the new location to an ADSL line, hence the router change as well. The new router was not allowing vpn passthrough traffic correctly and everything is now working.

Thanks for both of your feed back, both valid points and angles so I will split the points here 250/250

Cheers now.

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
DNS Server 7 59
Lightweight Networking 9 61
decoding the error message TEI_ASSIGNED 8 40
FTP Transfer Speeds ... 6 55
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question