Solved

Sonicwall vpn issue - unable to connect after relocation

Posted on 2013-01-23
3
686 Views
Last Modified: 2013-01-26
Hello

We have moved a decommissioned network which had a working vpn on an old Sonicwall TZ190 which was behind an sdsl vigor 3300 router.

The vpn setup was an IKE auth with a shared secret key and the clients connected to the vpn using the GVC from Sonicwall to the public ip of the draytek router.

The draytek router was set to open and forward all ports to the Sonicwall.

We moved the network and had to change from SDSL to ADSL due to poor connection stats from the  ISP.

The replacement router is a Draytek again 2850 VDSL/ADSL in ADSL mode, the ADSL is up and port forwards are set to the Sonicwall. But the vpn will no longer connect.

The client log reports failure to negotiate ISAKMP phase 1 and also the error "failed to find mac address in system interface table"

The public Ip is right and the only change has been the router, so is this something to do with vpn passthrough or am I missing something. Nat traversal is ticked on at the Sonicwall and interestingly there are no packets logged on the Sonicwall for IKE auth, or VPN connection attempts.

Desperate for help, max points to be awarded for bang on answer

Many thanks
JM
0
Comment
Question by:Veerleft
3 Comments
 
LVL 20

Assisted Solution

by:carlmd
carlmd earned 250 total points
ID: 38814215
I would connect a laptop to your side of the router (Sonicwall WAN) and attempt to connect the VPN. If it works you have proved it is the router. If not, then it is a Sonicwall issue.

You say "old", so does the version of the VPN client match that for the Sonicwall? Are you using the same one that used to work?
0
 
LVL 25

Accepted Solution

by:
Fred Marshall earned 250 total points
ID: 38815121
Of course, the trick here is first to focus on the *changes*.
You've described a lot of stuff but it's hard to separate out what changed and what did not change.  It's not nearly as useful to hear what was working and did not change vs. what was working but *did* change.

So, might I humbly suggest a list of what changed .. only.  That's not entirely clear to me and we should not be guessing.
Just for starters.

On another note, I find it very useful to be "at both ends" of the VPN when setting it up.  When they're new it's sometimes possible to have them in the same room/lab with a couple of laptops or desktops and get the VPN up and running before deployment.
But, of course, that's often not possible.
So, you should have a workstation at each end and be able to remote into them.
Then you can look at VPN logs, etc. to see how things change and you can work on it until it's working.  Part of that is having access to the router settings at the same time.
If you're remoted in you might want to make sure you don't "cut off the branch you're sitting on" and disconnect your remote connection(s).
0
 

Author Comment

by:Veerleft
ID: 38822963
Hi Guys,

carlmd and fmarshall, thank you for your posts, I managed to solve it in the end. The important thing was the changes in that the problem was with the router being changed. The line the vpn worked on before was an SDSL line which had to be changed at the new location to an ADSL line, hence the router change as well. The new router was not allowing vpn passthrough traffic correctly and everything is now working.

Thanks for both of your feed back, both valid points and angles so I will split the points here 250/250

Cheers now.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let’s list some of the technologies that enable smooth teleworking. 
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now