Site to Site with Sonicwall

  • From: "Stephen Herrera" <sherrera@xxxxxxxxxx>
  • To: "[ISAserver.org Discussion List] (E-mail)" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 21 Sep 2004 12:39:07 -0700

I am setting up the IPSec Tunnel VPN with ISA 2k4 and Sonicwall. I have the 
oddest things happening with this. I see the tunnel establish on the Sonicwall 
and can see my network listed as one of the established networks on the 
Sonicwall device. When I try a ping from my ISA server I get a string of 
"Negotiating IP Security" for my result. When I ping from the Sonicwall side I 
get no reply. 

I look inside the Sonicwall logs and see the tunnel establishing 
there as well, but immediately afterwards I see "IKE Responder: IPSec proposal 
does not match (Phase 2) IKE Responder: ESP Perfect Forward Secrecy mismatch". 
I removed Perfect Forward Secrecy to eliminate that and only received "IKE 
Responder: IPSec proposal does not match (Phase 2)".

For ISA I have 3DES and SHA1 as my Encryption and Integrity Algorithms, and 
"Generate a new key every" set to 3600 seconds. On the Sonicwall I have my Phase 2 
Encryption/Authentication set to "Strong Encrypt and Authenticate (ESP 3DES 
HMAC SHA1)". 

I have tried changing the Phase 2 information just to see if I generate a 
different error. I get the same error but the tunnel doesn't establish when I 
do that.

At this point it feels so close and yet so far. Any ideas on what else I 
can try?


Steve
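
An added example, not part of the original post: Python that counts the two Phase 2 responder messages quoted above in a constructed log sample, then diffs the Phase 2 settings the post states for each side and flags fields that differ or that the post does not give. The timestamp layout, the field names, the helper names and the "off" PFS value on both sides are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample: message texts are the ones quoted in the post; the
# timestamp layout is invented for this example.
SAMPLE_LOG = """\
09/21/2004 12:30:01 IKE Responder: IPSec proposal does not match (Phase 2)
09/21/2004 12:30:01 IKE Responder: ESP Perfect Forward Secrecy mismatch
09/21/2004 12:41:15 IKE Responder: IPSec proposal does not match (Phase 2)
"""
KINDS = {"IPSec proposal does not match (Phase 2)": "proposal",
         "ESP Perfect Forward Secrecy mismatch": "pfs"}

def classify(log_text):
    """Count the Phase 2 failure kinds reported by the IKE responder."""
    counts = Counter()
    for line in log_text.splitlines():
        m = re.search(r"IKE Responder:\s*(.+?)\s*$", line)
        if m and m.group(1) in KINDS:
            counts[KINDS[m.group(1)]] += 1
    return counts

def net(value):
    """Normalise '10.0.0.0/255.255.255.0' and '10.0.0.0/24' to one form."""
    return None if value is None else ipaddress.ip_network(value, strict=False)

def diff_phase2(a, b):
    """Fields that differ, or that are unrecorded (None) on either side."""
    out = {}
    for f in ("encryption", "integrity", "pfs", "lifetime_s"):
        va, vb = a.get(f), b.get(f)
        if va is None or vb is None or str(va).lower() != str(vb).lower():
            out[f] = (va, vb)
    # Tunnel-mode selectors must mirror: a's local net is b's remote net.
    for mine, theirs in (("local_net", "remote_net"), ("remote_net", "local_net")):
        na, nb = net(a.get(mine)), net(b.get(theirs))
        if na is None or nb is None or na != nb:
            out[mine] = (a.get(mine), b.get(theirs))
    return out

# Values stated in the post; None marks what the post does not state.
# "pfs": "off" on both sides is an assumption (the post only says PFS was removed).
ISA = {"encryption": "3DES", "integrity": "SHA1", "pfs": "off",
       "lifetime_s": 3600, "local_net": None, "remote_net": None}
SONICWALL = {"encryption": "3DES", "integrity": "SHA1", "pfs": "off",
             "lifetime_s": None, "local_net": None, "remote_net": None}

if __name__ == "__main__":
    print(dict(classify(SAMPLE_LOG)))
    for field, (isa, sw) in diff_phase2(ISA, SONICWALL).items():
        print(f"{field}: ISA={isa!r} Sonicwall={sw!r}")
```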


