AFP548 - Topic: SonicWall issues

This topic has 3 replies, 3 voices, and was last updated 22 years, 1 month ago by afp548contributor.

Viewing 2 posts - 1 through 2 (of 2 total)

Author

Posts
March 13, 2003 at 10:35 am #355340

Anonymous
Participant

Hi Joel,

I know you have VaporSec working with your sonicwall, so I’m hoping there is an easy fix for my problems!
Using a Tele3sp. GroupVPN is configured as in your screen capture in Flying Racoons 3.
Have tried using VaporSec and the cli directions you have in your article. Both fail on the Phase 2 negotiation. System.log has:
Mar 13 18:26:03 sean-Computer racoon: ERROR: isakmp_inf.c:776:isakmp_info_recv_n(): unknown notify message, no phase2 handle found.

Sonicwall log has:
IKE Responder: IPSec proposal does not match (Phase 2)
IKE Responder: ESP Perfect Forward Secrecy mismatch

Thanks for your expert advice 😉

Sean

March 19, 2003 at 1:31 am #355360

opus
Participant

SonicWALLs use the Diffie-Hellman group naming scheme (i.e. 1, 2, 5) and not the bit size (i.e. 768, 1024, etc.).

The DH group for phase 2 perfect forward secrecy is configured under the advanced settings. Make sure perfect forward secrecy is set if it is on the client. After closing the advanced settings window make sure to update the main GroupVPN page od the changes made will not take.
Author

Posts

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.