VPN Connection Between Two SonicWall Devices

vpn

I am trying to create a VPN connection between 2 SonicWall TZ 200 devices, and I followed the most popular tutorials on the net without success: whatever I did, the SonicWall shows "No Active VPN Tunnels". The VPN should be linked between:

  • Main Office [SonicWall router with local IP 192.168.2.1]
  • Branch office [SonicWall router with local IP 192.168.3.1]

In both offices we have a static WAN IP address from the ISP.

I need to make a basic Site to Site connection between those offices so they can access each other's subnet.

What do I need in order to make this work?

UPDATE:

The configuration I used is as follows:

[Screenshots: General; Network (Branch office, Main office); Proposals; Advanced]

Then it was activated like this from the other side, but with the peer and local changed.

After activation

UPDATE:

Aggressive mode:

1 11/08/2015 09:11:35.912 Info VPN IKE IKE negotiation aborted due to timeout 192.168.1.15, 500 xx.xx.xx.xxx, 500 VPN Policy: Tubli Office

2 11/08/2015 09:11:01.912 Info VPN IKE IKE Initiator: Remote party timeout – Retransmitting IKE request. 192.168.1.15, 500 xx.xx.xx.xxx, 500 VPN Policy: Tubli Office

3 11/08/2015 09:10:42.912 Info VPN IKE IKE Initiator: Remote party timeout – Retransmitting IKE request. 192.168.1.15, 500 xx.xx.xx.xxx, 500 VPN Policy: Tubli Office

4 11/08/2015 09:10:33.912 Info VPN IKE IKE Initiator: Remote party timeout – Retransmitting IKE request. 192.168.1.15, 500 xx.xx.xx.xxx, 500 VPN Policy: Tubli Office

5 11/08/2015 09:10:26.400 Info VPN IKE IKE Initiator: Start Aggressive Mode negotiation (Phase 1) 192.168.1.15, 500 xx.xx.xx.xxx, 500 VPN Policy: Tubli Office


Main mode:

1 11/08/2015 08:59:28.352 Info VPN IKE IKE Initiator: Remote party timeout – Retransmitting IKE request. 192.168.1.20, 500 xx.xx.xx.xxx, 500 VPN Policy: Main Office

2 11/08/2015 08:59:09.352 Info VPN IKE IKE Initiator: Remote party timeout – Retransmitting IKE request. 192.168.1.20, 500 xx.xx.xx.xxx, 500 VPN Policy: Main Office

3 11/08/2015 08:58:57.352 Info VPN IKE IKE Initiator: Remote party timeout – Retransmitting IKE request. 192.168.1.20, 500 xx.xx.xx.xxx, 500 VPN Policy: Main Office

4 11/08/2015 08:58:50.352 Info VPN IKE IKE Initiator: Start Main Mode negotiation (Phase 1) 192.168.1.20, 500 xx.xx.xx.xxx, 500 VPN Policy: Main Office

I am sure the settings are the same on both sides. xx.xx.xx.xxx is used to hide the IP.

Not sure if the Advanced settings are needed here as well, but they are the same on both sides.

Best Answer

According to your last log, not even Phase 1 is established, because both sides of the tunnel got a timeout.

I would suggest making a packet capture to find where the packet is stopping. You should filter on each device, using the public IP as the filter. I suggest three scenarios:

  • The (returning) traffic is dropped at the firewall. You will see a red line with a drop code.
  • There is no returning traffic. Some device is dropping IKE packets in the middle.
  • You see normal returning traffic. There is another problem in your tunnel config.
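
Before setting up the capture, it can help to condense the IKE log per policy. The following is an added example, not part of the original answer or of any SonicWall tool: it summarises rows in the layout quoted in the question (mode, retransmit count, whether the attempt was aborted) and notes whether each logged endpoint is a private address, which matters when choosing the address to filter the capture on. The sample rows are constructed, and the regular expression assumes exactly that column layout.

```python
import ipaddress
import re

# Constructed sample in the layout of the log rows quoted in the question:
# row, date, time, level, category, message, source, destination, policy.
SAMPLE_LOG = """\
1 11/08/2015 09:11:35.912 Info VPN IKE IKE negotiation aborted due to timeout 192.168.1.15, 500 xx.xx.xx.xxx, 500 VPN Policy: Tubli Office
2 11/08/2015 09:11:01.912 Info VPN IKE IKE Initiator: Remote party timeout - Retransmitting IKE request. 192.168.1.15, 500 xx.xx.xx.xxx, 500 VPN Policy: Tubli Office
3 11/08/2015 09:10:42.912 Info VPN IKE IKE Initiator: Remote party timeout - Retransmitting IKE request. 192.168.1.15, 500 xx.xx.xx.xxx, 500 VPN Policy: Tubli Office
4 11/08/2015 09:10:26.400 Info VPN IKE IKE Initiator: Start Aggressive Mode negotiation (Phase 1) 192.168.1.15, 500 xx.xx.xx.xxx, 500 VPN Policy: Tubli Office
5 11/08/2015 08:59:09.352 Info VPN IKE IKE Initiator: Remote party timeout - Retransmitting IKE request. 192.168.1.20, 500 xx.xx.xx.xxx, 500 VPN Policy: Main Office
6 11/08/2015 08:58:50.352 Info VPN IKE IKE Initiator: Start Main Mode negotiation (Phase 1) 192.168.1.20, 500 xx.xx.xx.xxx, 500 VPN Policy: Main Office
"""

LINE_RE = re.compile(
    r"^\d+\s+\S+\s+\S+\s+\w+\s+VPN IKE\s+(?P<msg>.+?)\s+"
    r"(?P<src>\S+), \d+\s+(?P<dst>\S+), \d+\s+"
    r"VPN Policy: (?P<policy>.+)$")

def is_private(addr):
    """True/False for a parseable IP; None for a masked value like xx.xx.xx.xxx."""
    try:
        return ipaddress.ip_address(addr).is_private
    except ValueError:
        return None

def summarize_phase1(log_text):
    """Per VPN policy: negotiation mode, retransmit count, abort flag, endpoints."""
    out = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not an IKE row in the expected layout
        s = out.setdefault(m["policy"], {"mode": None, "retransmits": 0,
                                         "aborted": False})
        s.update(local=m["src"], local_private=is_private(m["src"]),
                 peer=m["dst"], peer_private=is_private(m["dst"]))
        start = re.search(r"Start (\w+) Mode negotiation \(Phase 1\)", m["msg"])
        if start:
            s["mode"] = start.group(1)
        elif "Retransmitting IKE request" in m["msg"]:
            s["retransmits"] += 1
        elif "aborted due to timeout" in m["msg"]:
            s["aborted"] = True
    return out

if __name__ == "__main__":
    for policy, s in summarize_phase1(SAMPLE_LOG).items():
        print(policy, s)
```

A policy that shows retransmits and no completed Phase 1 only tells you the initiator never got a usable reply; the packet capture is still what separates the three scenarios above.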