We help IT Professionals succeed at work.
Get Started
Troubleshooting Question

Issue with Site to Site VPN between Sonicwall NSA 2600 and Cisco ASA 5515X

Ryan Yates
Ryan Yates asked
on
37 Views
Last Modified: 2020-10-15
I am attempting to setup a VPN connection between a  Sonicwall NSA 2600 and Cisco ASA 5515X, where the Cisco ASA 5515X is using a load balancer for it's internet connection (terms used by the client). Everything has been reviewed multiple times by Sonicwall Support and the client. The preshared secret is correct, Phase 1 and 2 are setup identically on both sides, Public IP and interesting traffic is correct. This is the configuration for both sides -
Phase 1
AES 256 SHA-1 DH5 28800
 
Phase 2
AES-256 SHA-1 No PFS
There is also a NAT policy that is in place for the host coming from the Sonicwall. That has been reviewed multiple times with no issues seen in it's configuration. As the client and I were working on this, we discovered that when I pinged the interesting traffic on his side, it would bring up his tunnel, but no traffic could cross over. Within a few minutes, the tunnel would tear down on it's own. He could not get the tunnel to come up when he attempted to ping my interesting traffic. He recognized the issue once this occurred. He told me that he saw this with another vendor he was working with. They also had a Sonicwall, and they had the same issue. He told me that the solution would be for me to ignore the ISAKMP identity (I'm not quite sure how that is related, but that he was pretty certain that was the issue). Sonicwall does not provide me an option to do this, and the support team has not given me a way to do this either.
So this is where I am currently at with along the troubleshooting process.
Comment
Watch Question
This problem has been solved!
Unlock 2 Answers and 4 Comments.
See Answers
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE