• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 163
  • Last Modified:

Sonicwall Global VPN client static IP

We have a Sonicwall TZ205 and setup a VPN using the Sonicwall VPN client.  It connects fine and puts us on the network fine.  The problem we have is our Shoretel phone system was a pain to setup so we have DHCP enabled on the Sonicwall and we put all of our desktops on Static addresses using the server as DNS.  

When the machine connects and gets the DHCP info, it gets the WAN DNS and not the DNS of the server so the programs the user has icons for on the desktop are not working.

I went into the adapter settings under network settings on the Global VPN client adapter and set a static IP with the DNS of the server.  It worked fine the other day and now the user is getting an error, Received invalid ID information notify then it goes to "Starting ISAKMP Phase 2 negotioation, starting quick mode phase 2 exchange, then errors again with Received Invalid ID information notify".

When I go back into the Sonicwall VPN connection Properties and go back to the Static IP, the gateway is blank.  I can reset it and everytime it goes back blank after trying to connect.

Is there a setting I need to change somewhere in the Sonicwall for this static config to work correctly?
0
joeshinall
Asked:
joeshinall
  • 2
1 Solution
 
Hemil AquinoNetwork EngineerCommented:
When the machine connects and gets the DHCP info, it gets the WAN DNS and not the DNS of the server so the programs the user has icons for on the desktop are not working.

On the DHCP scope, did you add your local DNS first before the external DNS?
Make sure you have that in place.

Received invalid ID information notify then it goes to "Starting ISAKMP Phase 2 negotioation, starting quick mode phase 2 exchange, then errors again with Received Invalid ID information notify".

It sounds like Phase 1 negotiations are failing, make sure the settings are correct on both sides.  Same encryption, pre-shared key, etc

I think you are connected site to site right?
0
 
joeshinallAuthor Commented:
Sorry for the delay, didn't have time to look at anything until today.  Ok so with the DHCP scope through the Sonicwall is set to the external DNS because that's how the Shoretel phones work.  It was easier for us to do it this way and just set the computers manually.  

This is why we are trying to set the Global VPN to static so we can use the internal server DNS like the in office computers are.

This is not site to site.  The user is using a laptop and connects from various places utilizing the Global VPN client software.
0
 
masnrockCommented:
Would it be possible to see the DHCP settings from the VPN?

I'm also assuming you have one flat network, so PCs and phones are in the same subnet. VLANs would actually be the best solution. Then you could have the phones and PCs on 2 different subnets. From the sound of things, you might be best served having an onsite consultant. If you fix the mess with the existing stuff, then the VPN part becomes easy.
0
 
joeshinallAuthor Commented:
Thanks masnrock.  After discussing for weeks with the company about straightening out these problems first, they have finally decided to rework everything so hopefully this will fix the DHCP issue but it will be a few weeks before we can see.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now