Failed to send an outgoing ISAKMP packet. A socket operation was attempted to an unreachable host..

Charles Truszcienski
Charles Truszcienski used Ask the Experts™
on
Sonicwall TZ600 constantly disconnects that worked fine until about 2 weeks ago.  I'v reached out to Sonicwall tech support, and they try the same connection using RDP and the latest GVC(which is what we are doing) and Sonicwall has no issues.  I've sent them the TZ600 vpn logs and the GVC client logs, but they have not resolved the problem for me.  

Here is a copy of the remote user's log:
2019/08/15 16:20:01:748	Information	x.x.x.x8	The SA lifetime for phase 1 is 28800 seconds.
2019/08/15 16:20:01:748	Information	x.x.x.x8	Phase 1 has completed.
2019/08/15 16:20:01:848	Information	x.x.x.x8	User authentication has succeeded.
2019/08/15 16:20:01:948	Information	x.x.x.x8	The configuration for the connection is up to date.
2019/08/15 16:20:02:028	Information	x.x.x.x8	Starting ISAKMP phase 2 negotiation with xxx.xxx.xxx.xx5/255.255.255.255:BOOTPC:BOOTPS:UDP.
2019/08/15 16:20:02:078	Information	x.x.x.x8	The SA lifetime for phase 2 is 28800 seconds.
2019/08/15 16:20:02:078	Information	x.x.x.x8	Phase 2 with xxx.xxx.xxx.xx5/255.255.255.255:BOOTPC:BOOTPS:UDP has completed.
2019/08/15 16:20:33:091	Error      	<local host>	Failed to send an outgoing ISAKMP packet. A socket operation was attempted to an unreachable host..
2019/08/15 16:20:34:411	Information	x.x.x.x8	Starting ISAKMP phase 1 negotiation.
2019/08/15 16:20:34:471	Information	x.x.x.x8	NAT Detected: Local host is behind a NAT device.
2019/08/15 16:20:34:471	Information	x.x.x.x8	The SA lifetime for phase 1 is 28800 seconds.
2019/08/15 16:20:34:471	Information	x.x.x.x8	Phase 1 has completed.		
2019/08/15 16:20:34:521	Information	x.x.x.x8	User authentication information is needed to complete the connection.
2019/08/15 16:21:38:883	Information	x.x.x.x8	Starting ISAKMP phase 1 negotiation.
2019/08/15 16:21:40:603	Information	x.x.x.x8	NAT Detected: Local host is behind a NAT device.
2019/08/15 16:21:40:603	Information	x.x.x.x8	The SA lifetime for phase 1 is 28800 seconds.
2019/08/15 16:21:40:603	Information	x.x.x.x8	Phase 1 has completed.
2019/08/15 16:21:40:733	Information	x.x.x.x8	User authentication has succeeded.
2019/08/15 16:21:40:823	Information	x.x.x.x8	The configuration for the connection is up to date.
2019/08/15 16:21:40:933	Information	x.x.x.x8	Starting ISAKMP phase 2 negotiation with xxx.xxx.xxx.xx5/255.255.255.255:BOOTPC:BOOTPS:UDP.
2019/08/15 16:21:40:973	Information	x.x.x.x8	The SA lifetime for phase 2 is 28800 seconds.
2019/08/15 16:21:40:973	Information	x.x.x.x8	Phase 2 with xxx.xxx.xxx.xx5/255.255.255.255:BOOTPC:BOOTPS:UDP has completed.
2019/08/15 16:22:11:710	Error      	<local host>	Failed to send an outgoing ISAKMP packet. A socket operation was attempted to an unreachable host..

Open in new window


The remote user is using a wired desktop connection. Uninstalled and reinstall the latest GVC client, restarted computer, router, and modem. Re- Setup VPN on the TZ600 by Sonicwall tech support. We are unable to get the VPN connection from dropping.  I really need to get this working again.

Thank you,
Cdelta88
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Presuming that the TZ600 has a public IP address, and that there other users that are able to connect without issue, I would guess that the NAT device at the remote site is the cause of the problem.

Depending on licensing, you migth consider using the SSL VPN instead of the IPSec VPN.
Distinguished Expert 2018

Commented:
What do your DHCP settings look like for VPN?
Using DHCP scope on firewall

Wiped firewall and started from scratch.
On GVC setting on Sonicwall client set to use "default gateway" and "split tunnels".
Set two NAT Policies for incoming and outgoing vpn, since we are setup for load balancing for dual ISPs.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial