Sonicwall Lan-to-Lan

Hi all,

Thanks in advance

I am have a problem with a IKE connection between sonicwalls, i can only ping (by IP) from the IKE Initiator, DNS/WINS doesn't work.

this is the log from the Initiator. (Dymanic IP)

02/21/2006 16:05:07.848 Starting IKE negotiation 80.5.132.14 213.107.169.56 02/21/2006 16:05:07.848 IKE Initiator: Aggressive Mode Phase 1 Done

02/21/2006 16:05:07.848 IKE Initiator: Begin Phase 2

02/21/2006 16:05:07.896 IKE negotiation complete. Adding IPSec SA. Phase 2 Done

this is the log from the Responder. (Static IP)

02/21/2006 16:05:07.848 Starting IKE negotiation 80.5.132.14 213.107.169.56 02/21/2006 16:05:07.848 IKE Initiator: Aggressive Mode Phase 1 Done

02/21/2006 16:05:07.848 IKE Initiator: Begin Phase 2

02/21/2006 16:05:07.896 IKE negotiation complete. Adding IPSec SA. Phase 2 Done 80.5.132.14 213.107.169.56 lifeSeconds=28770 remote range: (192.168.70.1 - 192.168.70.254).

This is the setting used for the IKE connection

Phase 1 DH Group Group 1 SA Life time (secs) 28800 Phase 1 Encryption/Authentication DES & MD5 Phase 2 Encryption/Authentication Encrypt and Authenticate (ESP DES HMAC MD5)

In the advanced section i have on the Initiator the following selected

Use Aggressive Mode Enable Keep Alive Enable Windows Networking (NetBIOS) broadcast Apply NAT and firewall rules Forward packets to remote VPNs

On the Responder i have the following selected

Enable Windows Networking (NetBIOS) broadcast Forward packets to remote VPNs.

If i deselect Apply NAT and firewall rules on Initator, nothing works

Any help in getting the VPN tunnel working correctly with DNS/WINS would be great

Cheers

Reply to
barkingmadscot
Loading thread data ...

you need to have the boxes on both ends of the tunnel using the samd dns and wins servers.

That is the cause of your problem. Not the VPN itself.

Reply to
snertking

I have checked the DNS, both site have the same ISP and are using the same ISP DNS server. On the Static i am not using the DHCP server on the sonicwall. On the Dymanic one i am using the DHCP Server. I have set to DNS and WINS to the DC on the other site using the internal address.

Reply to
barkingmadscot

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.