vpn authentication problem with 9608


AlfonsoSF

Hi all.

I have an IPO 500 v2 (R11.1.1.00) behind a SonicWall TZ400 at the office.
The IPO LAN2 is in a separate subnet. The IPO gateway is the IPO subnet firewall interface IP (X4).

A 9608G at home, connected directly to a router (not behind a firewall) (R6.8....)

If I connect home with the office with a site-to-site VPN, the phone registers and works.

Now I am trying to make the phone perform its own VPN.

At the SonicWall side I have:
  VPN settings
    Enable VPN
    Unique Firewall Identifier: name
  At VPN Policies
    WAN GroupVPN is marked
    Authentication method: IKE preshared key
    Password: password (for testing)
  At User / local users
    User created: name: username (for testing)
    Password: password (the same as PSK for testing)
    One-time password disabled
    Account lifetime: never expires
  At groups
    Member of trusted users
  At VPN access
    X4 subnet (the IPO subnet)


At the phone side
  ADDR
    IPv4: 0.0.0.0
    Call server: LAN2 IPO IP address
    Router: 0.0.0.0
    Mask: 0.0.0.0
  VPN
    VPN: enabled
    VPN vendor: other
    Gateway address: public IP at the office
    External IP phone address = 0.0.0.0
    External router = 0.0.0.0
    External subnet mask = 0.0.0.0
    External DNS server = 8.8.8.8
    Encapsulation = 4500-4500
    Auth type = PSK with XAUTH
    VPN User Type = Any
    VPN user = username
    Password type = Save in flash
    User password = password
    IKE ID = unique firewall identifier in the SonicWall
    Pre-Shared Key = password

  IKE phase 1
    IKE ID type = IPV4 addr
    IKE xchg mode = Aggressive
    IKE DH Group = 2
    IKE Encryption Alg = 3DES
    IKE Auth Alg = SHA-1
    IKE config Mode = Enabled

  IKE phase 2
    IPsec PFS DH group = No PFS
    IPsec Encryption Alg = AES-128
    IPsec Auth Alg = SHA-1

  Protected network = X4 subnet in xxx.xxx.xxx.0/24 format
  IKE over TCP = Never

Reboot the phone and....
The phone asks for the user name and shows the one we configured. Accept.
The phone asks for the password. We can accept or type it again. Accept.
And the phone asks for the name again.
Sometimes it shows an Auth error.

After a hundred revisions I can't find a mistake.

Any help?

Thanks in advance.


 
It has, but we are at the prior stage. Making the tunnel.

 
The first time the phone asks for the name and password it’s usually the tunnel username and password.

EG: Vpnphone1. Admin1234

This is used to log in to the VPN tunnel.

The second time it asks for the username and password it’s usually the extension user's login number and password

EG: 4000. 123456789

This is used to log in to the IPO as a user.


 
SonicWall - WAN GroupVPN
  General Tab
    IKE using Preshared Secret
    WAN GroupVPN
    password
  Proposals Tab
    Phase 1
      Group 2
      3DES
      SHA1
      28800
    Phase 2
      ESP
      3DES
      SHA1
      28800
  Advanced Tab
    All unchecked
    Default Gateway: 0.0.0.0
    Allow Unauthenticated VPN Client Access: LAN Subnets
  Client Tab
    Cache XAUTH User Name and Password on Client: Never
    Virtual Adapter Settings: None
    Allow Connections to: Split Tunnels
    All unchecked

9608 Phone
  VPN: Enabled
  VPN Vendor: Juniper/NetScreen
  Gateway Address: Public IP
  Auth Type: PSK
  IKE ID: GroupVPN
  PSK: password
  IKE ID: KEY-ID
  IKE Xchg Mode: Aggressive
  IKE DH Group: 2
  IKE Encryption Alg: 3DES
  IKE Auth Alg: SHA-1
  IKE Config Mode: Disabled
  IPsec PFS DH Group: No PFS
  IPsec Encryption Alg: 3DES
  IPsec Auth Alg: SHA-1
  Protected Network: A.B.C.0/24
  IKE Over TCP: Auto

Set Call Server and File Server to the internal address of the IPO.


 