Rupert Eghardt
asked on
Site-to-Site VPN via Dell SonicWALL TZ400
Hi Guys,
I am trying to configure a SonicWALL TZ400 site-to-site VPN.
We have a Sophos firewall router on the remote side.
The Dell SonicWALL replaces our previous Netgear Prosafe FVS336G router, which connects the site-to-site VPN successfully.
I confirmed the Dell SonicWALL VPN / IPsec settings again and again, but no connection unfortunately.
I used the SonicWALL quick VPN configuration.
I've noticed that the access rules for "VPN to LAN" have been auto-added, as well as "VPN to WAN"
Are there any changes that is needed to the access rules, or NAT rules for the site-to-site VPN to work?
Any recommendations are welcome ...
I am trying to configure a SonicWALL TZ400 site-to-site VPN.
We have a Sophos firewall router on the remote side.
The Dell SonicWALL replaces our previous Netgear Prosafe FVS336G router, which connects the site-to-site VPN successfully.
I confirmed the Dell SonicWALL VPN / IPsec settings again and again, but no connection unfortunately.
I used the SonicWALL quick VPN configuration.
I've noticed that the access rules for "VPN to LAN" have been auto-added, as well as "VPN to WAN"
Are there any changes that is needed to the access rules, or NAT rules for the site-to-site VPN to work?
Any recommendations are welcome ...
ASKER
Thanks J,
The tunnel is not up, not showing a green led.
I will check the logs, could you confirm that no additional access rules, or NAT rules are required?
The tunnel is not up, not showing a green led.
I will check the logs, could you confirm that no additional access rules, or NAT rules are required?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I am able to see VPN / IKE activity in the Event log.
One line that stand out:
07:52:29 Nov 21 401
VPN Warning Received notify. NO_PROPOSAL_CHOSEN 86.13.165.110, 500 155.118.129.59, 500
I confirmed Phase 1 & Phase 2 proposals.
One line that stand out:
07:52:29 Nov 21 401
VPN Warning Received notify. NO_PROPOSAL_CHOSEN 86.13.165.110, 500 155.118.129.59, 500
I confirmed Phase 1 & Phase 2 proposals.
ASKER
Thanks J,
Problem was with the "Perfect Forward Secrecy" setting.
VPN tunnel connected now ...
Problem was with the "Perfect Forward Secrecy" setting.
VPN tunnel connected now ...
glad you found the issue
if the VPN tunnel is up it should show a green bulb.
If not, check your logs.
It might be a mismatch in settings.