Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Site to site vpn

Posted on 2013-11-19
6
Medium Priority
?
1,281 Views
Last Modified: 2013-11-26
Hi
I'm try to connect a site-to-site VPN between a DLINK DSR-150N and a Sonic Wall TZ215.

What is the easiest way to do this?

Thanks
0
Comment
Question by:jpmoreau
  • 2
  • 2
  • 2
6 Comments
 
LVL 12

Expert Comment

by:Infamus
ID: 39660430
IPSec VPN tunnel is one of the ways to create site to site VPN.
0
 

Author Comment

by:jpmoreau
ID: 39660491
It is not connecting even if I set all the proposals the same on each side
0
 
LVL 12

Expert Comment

by:Infamus
ID: 39660498
Did you add a firewall policy that allows two networks?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:jpmoreau
ID: 39660606
IPSEC is configured to pass true the firewall
0
 
LVL 26

Accepted Solution

by:
Blue Street Tech earned 2000 total points
ID: 39661777
Hi jpmoreau,

On the SonicWALL Configuration setup up the proposal with the lowest security to test compatibility.

First, on the SonicWALL, you must create an address object for the remote network.
1) Log into the SonicWALL.
2) Browse to Network, then Address Objects
3) Create a new Address Object for the network on the D-Link end you wish to reach (D-Link LAN).

Next, on the SonicWALL you must create an SA.
1) Browse to VPN, then Settings (default view for VPN).
2) Ensure that “Enable VPN” is selected.
3) Click Add.
4) Change the Authentication Method to “IKE using pre-shared secret”.
5) Name the SA, e.g. “D-Link”.
6) Enter the WAN IP of the D-Link for “IPSec Primary Gateway Name or Address:”.
7) Enter your shared secret, in this example “password
8) Define Local IKE ID & Peer IKE ID

Network.
1) Select the “Network” tab.
2) Select “LAN Subnets” for Local Networks from the drop down box
3) Select the address object previously created for the destination network.

Proposals.
1) Select the “Proposals” tab.
2) Configure DH group under IKE Phase 1 to “Group 2”.
3) Configure Phase 1 Encryption “3DES” & authentication “SHA1”.
4) Configure Phase 2 Encryption “3DES” & authentication “SHA1”.
5) Do not enable Perfect Forward Secrecy.
6) Configure Phase 2 Life Time 3600

Advanced.
1) Select “Advanced” tab.
2) Ensure that keep alive is enabled on only one end of the tunnel.
3) Select “Enable Windows Networking (NetBIOS) Broadcast” if you would like to pass NetBIOS across the VPN.

On the D-Link side match the following (some devices may not be compatible regardless):
Keying Mode: IKE
IKE Mode: Main Mode with No PFS (perfect forward secrecy)
SA Authentication Method: Pre-Shared key
Keying Group: DH (Diffie Hellman) – Group 2
ID_Type: IP
Encryption and Data Integrity: ESP 3DES with SHA1
ESP 3DES with MD5
ESP DES with SHA1
ESP 3DES with SHA1
Let me know how it goes!
0
 
LVL 26

Expert Comment

by:Blue Street Tech
ID: 39678779
I'm glad I could help and thanks for the points!
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question