Improve company productivity with a Business Account.Sign Up


Sonicwall vpn issue - unable to connect after relocation

Posted on 2013-01-23
Medium Priority
Last Modified: 2013-01-26

We have moved a decommissioned network which had a working vpn on an old Sonicwall TZ190 which was behind an sdsl vigor 3300 router.

The vpn setup was an IKE auth with a shared secret key and the clients connected to the vpn using the GVC from Sonicwall to the public ip of the draytek router.

The draytek router was set to open and forward all ports to the Sonicwall.

We moved the network and had to change from SDSL to ADSL due to poor connection stats from the  ISP.

The replacement router is a Draytek again 2850 VDSL/ADSL in ADSL mode, the ADSL is up and port forwards are set to the Sonicwall. But the vpn will no longer connect.

The client log reports failure to negotiate ISAKMP phase 1 and also the error "failed to find mac address in system interface table"

The public Ip is right and the only change has been the router, so is this something to do with vpn passthrough or am I missing something. Nat traversal is ticked on at the Sonicwall and interestingly there are no packets logged on the Sonicwall for IKE auth, or VPN connection attempts.

Desperate for help, max points to be awarded for bang on answer

Many thanks
Question by:Veerleft
LVL 20

Assisted Solution

carlmd earned 750 total points
ID: 38814215
I would connect a laptop to your side of the router (Sonicwall WAN) and attempt to connect the VPN. If it works you have proved it is the router. If not, then it is a Sonicwall issue.

You say "old", so does the version of the VPN client match that for the Sonicwall? Are you using the same one that used to work?
LVL 27

Accepted Solution

Fred Marshall earned 750 total points
ID: 38815121
Of course, the trick here is first to focus on the *changes*.
You've described a lot of stuff but it's hard to separate out what changed and what did not change.  It's not nearly as useful to hear what was working and did not change vs. what was working but *did* change.

So, might I humbly suggest a list of what changed .. only.  That's not entirely clear to me and we should not be guessing.
Just for starters.

On another note, I find it very useful to be "at both ends" of the VPN when setting it up.  When they're new it's sometimes possible to have them in the same room/lab with a couple of laptops or desktops and get the VPN up and running before deployment.
But, of course, that's often not possible.
So, you should have a workstation at each end and be able to remote into them.
Then you can look at VPN logs, etc. to see how things change and you can work on it until it's working.  Part of that is having access to the router settings at the same time.
If you're remoted in you might want to make sure you don't "cut off the branch you're sitting on" and disconnect your remote connection(s).

Author Comment

ID: 38822963
Hi Guys,

carlmd and fmarshall, thank you for your posts, I managed to solve it in the end. The important thing was the changes in that the problem was with the router being changed. The line the vpn worked on before was an SDSL line which had to be changed at the new location to an ADSL line, hence the router change as well. The new router was not allowing vpn passthrough traffic correctly and everything is now working.

Thanks for both of your feed back, both valid points and angles so I will split the points here 250/250

Cheers now.

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This program is used to assist in finding and resolving common problems with wireless connections.
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

606 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question