Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Sonicwall vpn issue - unable to connect after relocation

Posted on 2013-01-23
Medium Priority
Last Modified: 2013-01-26

We have moved a decommissioned network which had a working vpn on an old Sonicwall TZ190 which was behind an sdsl vigor 3300 router.

The vpn setup was an IKE auth with a shared secret key and the clients connected to the vpn using the GVC from Sonicwall to the public ip of the draytek router.

The draytek router was set to open and forward all ports to the Sonicwall.

We moved the network and had to change from SDSL to ADSL due to poor connection stats from the  ISP.

The replacement router is a Draytek again 2850 VDSL/ADSL in ADSL mode, the ADSL is up and port forwards are set to the Sonicwall. But the vpn will no longer connect.

The client log reports failure to negotiate ISAKMP phase 1 and also the error "failed to find mac address in system interface table"

The public Ip is right and the only change has been the router, so is this something to do with vpn passthrough or am I missing something. Nat traversal is ticked on at the Sonicwall and interestingly there are no packets logged on the Sonicwall for IKE auth, or VPN connection attempts.

Desperate for help, max points to be awarded for bang on answer

Many thanks
Question by:Veerleft
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 20

Assisted Solution

carlmd earned 750 total points
ID: 38814215
I would connect a laptop to your side of the router (Sonicwall WAN) and attempt to connect the VPN. If it works you have proved it is the router. If not, then it is a Sonicwall issue.

You say "old", so does the version of the VPN client match that for the Sonicwall? Are you using the same one that used to work?
LVL 26

Accepted Solution

Fred Marshall earned 750 total points
ID: 38815121
Of course, the trick here is first to focus on the *changes*.
You've described a lot of stuff but it's hard to separate out what changed and what did not change.  It's not nearly as useful to hear what was working and did not change vs. what was working but *did* change.

So, might I humbly suggest a list of what changed .. only.  That's not entirely clear to me and we should not be guessing.
Just for starters.

On another note, I find it very useful to be "at both ends" of the VPN when setting it up.  When they're new it's sometimes possible to have them in the same room/lab with a couple of laptops or desktops and get the VPN up and running before deployment.
But, of course, that's often not possible.
So, you should have a workstation at each end and be able to remote into them.
Then you can look at VPN logs, etc. to see how things change and you can work on it until it's working.  Part of that is having access to the router settings at the same time.
If you're remoted in you might want to make sure you don't "cut off the branch you're sitting on" and disconnect your remote connection(s).

Author Comment

ID: 38822963
Hi Guys,

carlmd and fmarshall, thank you for your posts, I managed to solve it in the end. The important thing was the changes in that the problem was with the router being changed. The line the vpn worked on before was an SDSL line which had to be changed at the new location to an ADSL line, hence the router change as well. The new router was not allowing vpn passthrough traffic correctly and everything is now working.

Thanks for both of your feed back, both valid points and angles so I will split the points here 250/250

Cheers now.

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question