Sonic FireWall VPN

Hi All

I have tried to connect to my sonic firewall but I haven't been successful.  Please could you assist me trouble shoot this issues? Thanks Alex

2015/04/24 10:12:02:706      Information      <local host>      The connection "XX.XXX.XXX.XXX" has been enabled.
2015/04/24 10:12:03:081      Information      XX.XXX.XXX.XXX      Starting ISAKMP phase 1 negotiation.
2015/04/24 10:12:03:237      Information      XX.XXX.XXX.XXX      Starting aggressive mode phase 1 exchange.
2015/04/24 10:12:03:237      Information      XX.XXX.XXX.XXX      NAT Detected: Local host is behind a NAT device.
2015/04/24 10:12:03:237      Information      XX.XXX.XXX.XXX      The SA lifetime for phase 1 is 28800 seconds.
2015/04/24 10:12:03:237      Information      XX.XXX.XXX.XXX      Phase 1 has completed.
2015/04/24 10:12:03:253      Information      XX.XXX.XXX.XXX      Received XAuth request.
2015/04/24 10:12:03:253      Information      XX.XXX.XXX.XXX      XAuth has requested a username but one has not yet been specified.
2015/04/24 10:12:03:253      Information      XX.XXX.XXX.XXX      Sending phase 1 delete.
2015/04/24 10:12:03:253      Information      XX.XXX.XXX.XXX      User authentication information is needed to complete the connection.
2015/04/24 10:12:03:269      Information      <local host>      An incoming ISAKMP packet from XX.XXX.XXX.XXX was ignored.
2015/04/24 10:12:28:566      Information      XX.XXX.XXX.XXX      Starting ISAKMP phase 1 negotiation.
2015/04/24 10:12:28:706      Information      XX.XXX.XXX.XXX      Starting aggressive mode phase 1 exchange.
2015/04/24 10:12:28:706      Information      XX.XXX.XXX.XXX      NAT Detected: Local host is behind a NAT device.
2015/04/24 10:12:28:706      Information      XX.XXX.XXX.XXX      The SA lifetime for phase 1 is 28800 seconds.
2015/04/24 10:12:28:706      Information      XX.XXX.XXX.XXX      Phase 1 has completed.
2015/04/24 10:12:28:722      Information      XX.XXX.XXX.XXX      Received XAuth request.
2015/04/24 10:12:28:722      Information      XX.XXX.XXX.XXX      Sending XAuth reply.
2015/04/24 10:12:28:722      Information      XX.XXX.XXX.XXX      Received initial contact notify.
2015/04/24 10:12:28:722      Information      XX.XXX.XXX.XXX      Received XAuth status.
2015/04/24 10:12:28:722      Information      XX.XXX.XXX.XXX      Sending XAuth acknowledgement.
2015/04/24 10:12:28:722      Information      XX.XXX.XXX.XXX      User authentication has succeeded.
2015/04/24 10:12:28:738      Information      XX.XXX.XXX.XXX      Received request for policy version.
2015/04/24 10:12:28:738      Information      XX.XXX.XXX.XXX      Sending policy version reply.
2015/04/24 10:12:28:753      Information      XX.XXX.XXX.XXX      Received policy update.
2015/04/24 10:12:28:753      Information      XX.XXX.XXX.XXX      Sending policy acknowledgement.
2015/04/24 10:12:28:753      Information      XX.XXX.XXX.XXX      The configuration for the connection has been updated.
2015/04/24 10:12:28:753      Information      XX.XXX.XXX.XXX      Sending phase 1 delete.
2015/04/24 10:12:28:769      Warning          XX.XXX.XXX.XXX      The downloaded policy configuration contains no destination networks.
2015/04/24 10:12:28:769      Error            XX.XXX.XXX.XXX      The policy downloaded from the firewall is invalid or incomplete. Contact your network administrator
AJ1978Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David PiniellaCommented:
2015/04/24 10:12:28:769      Warning          XX.XXX.XXX.XXX      The downloaded policy configuration contains no destination networks.
2015/04/24 10:12:28:769      Error            XX.XXX.XXX.XXX      The policy downloaded from the firewall is invalid or incomplete. Contact your network administrator

Is your error; your vpn policy is missing the proxy-id (sometimes called "encryption domain") -- the network that you're trying to tunnel to/from -- for the remote side.

Let's say you want to set a VPN from your internal network 10.10.10.10/24 to your remote site's 10.20.20.10/24:

10.10.10.10/24 ---> sonicwall ===VPN TUNNEL====>remote_site_vpn_device--->10.20.20.10/24

Your config is missing the 10.20.20.10/24 part.

You might also want to look into the error message:
2015/04/24 10:12:03:269      Information      <local host>      An incoming ISAKMP packet from XX.XXX.XXX.XXX was ignored.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.