Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Can't get my Sonicwall VPN to connect to safenet

Status
Not open for further replies.
jstory

jstory

IS-IT--Management
Apr 1, 2004
4
US
We have a sonic firewall that 6 other users around the country are using fine. But i cant get ours to work, i am running windows xp like the others also. I imported the security policy from another known working computer and it still doesnt work. We are using a preshared key too. Here is the log i get when i try to connect.

16:36:44.891
16:36:44.891 My Connections\GroupVPN 192.168.245.0 - Initiating IKE Phase 1 (IP ADDR=24.199.22.182)
16:36:44.911 My Connections\GroupVPN 192.168.245.0 - SENDING>>>> ISAKMP OAK AG (SA, KE, NON, ID, VID, VID, VID, VID)
16:36:45.141 My Connections\GroupVPN 192.168.245.0 - RECEIVED<<< ISAKMP OAK AG (SA, KE, VID, NAT-D, NAT-D, NON, ID, VID, VID, VID, HASH)
16:36:45.141 Incorrect Phase 1 ID type (expected ID_FQDN):
16:36:45.141 received ID EMAIL=00401015C13F
16:36:45.141 My Connections\GroupVPN 192.168.245.0 - Peer is NAT-T capable
16:36:45.141 My Connections\GroupVPN 192.168.245.0 - NAT is detected for Client
16:36:45.151 No matching Phase 1 ID received for Policy Entry My Connections\GroupVPN 192.168.245.0.
16:36:45.151 My Connections\GroupVPN 192.168.245.0 - SENDING>>>> ISAKMP OAK INFO (HASH, NOTIFY:INVALID_ID_INFO)
16:36:45.151 My Connections\GroupVPN 192.168.245.0 - Discarding IKE SA negotiation
16:36:45.151 MY COOKIE 1 0 0 0 e8 d4 3f 81
16:36:45.151 HIS COOKIE d 75 1b c0 af 69 22 a8


What does this mean? Please help guys i really appreciate it. Also the firewall is not turned on windows xp.
 
Sort by date Sort by votes
Might have something to do with your MTU settings on the Sonicwall and the client side machine. On a couple of Sonicwall sites I have setup, I had to lower the default 1500, to a smaller size ( one was was 1442); DSL clients seem to be the most affected. Each broadband connection can
vary, so don't use 1442 without testing. Same MO as yours, some clients connected, others would not.


Try this for an automated method

 
Upvote 0 Downvote
Thanks i will try that, this is on a T1 line so i wonder if it would be affected though.
 
Upvote 0 Downvote
sjtory,

Are you sure you have your setting correct on your end?
"Incorrect Phase 1 ID type (expected ID_FQDN):
16:36:45.141 received ID EMAIL=00401015C13F" looks as if the server is looking for a FQDN and you're supplying an E-MAIL ID. Can you check that?
 
Upvote 0 Downvote
Thats what confuses me im not supplying it a email id.
 
Upvote 0 Downvote
Ok guys the people at Sonicwall had me uninstall safenet and install the latest Sonicwall Global VPN client. I can connect now but i cannot ping the sonicwall firewall. They think it is my router settings but i had one machine on running windows 98 on the same network that connected before. What do you think it is? I do not have any antivirus or firewall programs running.
 
Upvote 0 Downvote
jstory,

Any chance your VPN server is configured for E-mail ID not FQDN?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MP2023
  • Locked
  • Question
How to Create an site to site VPN
Replies
1
Views
824
sircles
sircles
teknance
  • Locked
  • Question
Discovering Portugal: Uncover Hidden Destinations and VPN Solutions
Replies
5
Views
1K
GlobeTrekkerGal
GlobeTrekkerGal
sarahz2
  • Locked
  • Question
Best vpn safe and fast
Replies
4
Views
1K
GlobeTrekkerGal
GlobeTrekkerGal
F
  • Locked
  • Solved
some IP Phone not working over site-to-site OpenVPN, packets modified on other side of tunnel
Replies
1
Views
2K
FrankSider12
F
ramblingrebel
  • Locked
  • Question
Built-in Windows 10 VPN
Replies
1
Views
834
Joon Smith
Joon Smith

Part and Inventory Search

Sponsor

Back
Top