IPSEC VPN won't connect
Posted on 2014-01-07
Having issues connecting IPSEC VPN from my office over our primary WAN; the secondary WAN is working fine, but is slower. My working tunnel is up over a CradlePoint ARC MBR 1400 using a Verizon aircard, bridged to a WatchGuard Firebox X550e on the X3 interface, and the other endpoint is a SonicWall. The non-working tunnel is over a Netgear CG3000DCR cable gateway on Comcast cable, bridged to the WatchGuard's X0 interface. Both internet connections work fine in WAN failover with Comcast primary, but the VPN fails over to the secondary Verizon connection. The SonicWall endpoint on the other side is set up so that its tunnel uses the Comcast IP as the primary and the Verizon IP as the secondary, and the same for the Firebox. If I disconnect the Verizon to try to force the VPN to bring the tunnel up on the Comcast primary WAN, the SonicWall logs show an IKE initiator IKE timeout message repeated. I have confirmed that Phase 1 and Phase 2 match on both ends. I also checked with Comcast and they tell me the device is bridged, so that connections sent to the static IP assigned in the Firebox effectively bypass the Netgear's firewall for their True Static IP range. Any help would be appreciated.