I have two SonicWall Pro 3060s that I'm trying to create a site-to-site VPN tunnel between. One (192.168.b.1) is running SonicOS Enhanced and the other (192.168.c.1) is running standard. The VPN is up and passing traffic and it seems to be very stable, but the logs are filling up with the following messages. They log 2 or 3 every minute and it's making it very difficult to check the logs for a real problem.
I've copied the relevant log entries in below. Both devices are behind NAT devices (subnets "a" and "d" below) that act as WAN aggregators, but that didn't give us any trouble before upgrading b.1 to enhanced. I've verified that both tunnels are set up correctly and have even destroyed and re-created the tunnels on both ends. Needless to say, SonicWall support has been no help.
I've copied the relevant log entries in below. Both devices are behind NAT devices (subnets "a" and "d" below) that act as WAN aggregators, but that didn't give us any trouble before upgrading b.1 to enhanced. I've verified that both tunnels are set up correctly and have even destroyed and re-created the tunnels on both ends. Needless to say, SonicWall support has been no help.
Code:
09/10/2009 09:56:42.912 Warning VPN IKE Received notify. NO_PROPOSAL_CHOSEN xxx.xxx.xxx.186, 500 192.168.d.xxx, 500
09/10/2009 09:56:42.912 Info VPN IKE IKE Initiator: Start Quick Mode (Phase 2). 192.168.d.xxx, 500 xxx.xxx.xxx.186, 500 VPN Policy: S2S-VPN
Code:
09/10/2009 09:57:30.048 IKE Responder: IPSec proposal does not match (Phase 2) xxx.xxx.xxx.250 192.168.a.xxx 192.168.b.0/22 -> 192.168.c.0/24
09/10/2009 09:57:30.048 IKE Responder: No matching Phase 1 ID found for proposed remote network xxx.xxx.xxx.250 192.168.a.xxx 192.168.b.0/22
09/10/2009 09:57:30.048 IKE Responder: Received Quick Mode Request (Phase 2) xxx.xxx.xxx.250, 500 192.168.a.xxx, 500