Hi,
I'm having some trouble getting the sonicwall global vpn client working with the TZ 210. I did packet capture on the sonicwall, and it showed that it is received the request (phase 1 isakmp requests) on port 500, but it drops them (drop code is 36 which means its blocked because of a firewall rule). I'm trying to rule out all factors, so I'm doing a direct connect between my machine and the firewall, and I'm allowing everything in the firewall ruleset. I don't have any "deny" and I have entries for "Lan->VPN" and "LAN->LAN" that allow everything
source = any
dest = any
service = any
action = allow
users = any
I've pasted the packet capture below
Looking at the capture below, my machine is the 192.168.168.6 (which is obtained from the sonicwall dhcp).
The sonicwall is the 192.168.168.168
Note that my machine is the only thing connected to the sonicwall. I'm not sure if that would be any issue, or if there's any issues VPNing locally. I feel that it's pointing me to the sonicwall firewall rules, but just can't understand it because I feel that nothing should be blocked.
Does anyone have any suggestions as to where I should be looking at this point?
Thanks for any thoughts or suggestions
Jeff
Ethernet Header
Ether Type: IP(0x800), Src=[00:1d:09:7d:77:4a], Dst=[00:17:c5:5c:28:b2]
IP Packet Header
IP Type: UDP(0x11), Src=[192.168.168.6], Dst=[192.168.168.168]
UDP Packet Header
Src=[500], Dst=[500], Checksum=0x3af0, Message Length=1408 bytes
Application Header
IKE:
Value:[0]
DROPPED, Drop Code: 36, Module Id: 26, (Ref.Id: _4170_uyHtJcpfngKrRmv) 0:0)
I'm having some trouble getting the sonicwall global vpn client working with the TZ 210. I did packet capture on the sonicwall, and it showed that it is received the request (phase 1 isakmp requests) on port 500, but it drops them (drop code is 36 which means its blocked because of a firewall rule). I'm trying to rule out all factors, so I'm doing a direct connect between my machine and the firewall, and I'm allowing everything in the firewall ruleset. I don't have any "deny" and I have entries for "Lan->VPN" and "LAN->LAN" that allow everything
source = any
dest = any
service = any
action = allow
users = any
I've pasted the packet capture below
Looking at the capture below, my machine is the 192.168.168.6 (which is obtained from the sonicwall dhcp).
The sonicwall is the 192.168.168.168
Note that my machine is the only thing connected to the sonicwall. I'm not sure if that would be any issue, or if there's any issues VPNing locally. I feel that it's pointing me to the sonicwall firewall rules, but just can't understand it because I feel that nothing should be blocked.
Does anyone have any suggestions as to where I should be looking at this point?
Thanks for any thoughts or suggestions
Jeff
Ethernet Header
Ether Type: IP(0x800), Src=[00:1d:09:7d:77:4a], Dst=[00:17:c5:5c:28:b2]
IP Packet Header
IP Type: UDP(0x11), Src=[192.168.168.6], Dst=[192.168.168.168]
UDP Packet Header
Src=[500], Dst=[500], Checksum=0x3af0, Message Length=1408 bytes
Application Header
IKE:
Value:[0]
DROPPED, Drop Code: 36, Module Id: 26, (Ref.Id: _4170_uyHtJcpfngKrRmv) 0:0)