We have the following configuration:
Internet-ASG-Cisco_Router-Sonicwall4060-LAN
I want to configure VPN connection as follows:
1. User connects to the ASG using road warrior.
2. Site-Site VPN between ASG and Sonicwall which connects the user to the internal network.
Has anyone tried this configuration? I am having lots of trouble making the site-site connection between the ASG and the Sonicwall. Does anyone has any experience with this configuration? I get the below error:
000
000 "S_Sonicwall__200_0":
192.168.210.1...192.168.200.1===255.255.255.0/24;
unrouted; eroute owner: #0
000 "S_Sonicwall__200_0": srcip=unset; dstip=unset
000 "S_Sonicwall__200_0": ike_life: 28800s; ipsec_life: 28800s;
rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
000 "S_Sonicwall__200_0": policy: PSK+ENCRYPT+TUNNEL+UP; prio: 32,24;
interface: eth0;
000 "S_Sonicwall__200_0": dpd: (null); delay:30; timeout:120;
000 "S_Sonicwall__200_0": newest ISAKMP SA: #0; newest IPsec SA: #0;
000 "S_Sonicwall__200_0": IKE algorithms wanted: 5_000-1-2,
flags=-strict
000 "S_Sonicwall__200_0": IKE algorithms found: 5_192-1_128-2,
000 "S_Sonicwall__200_0": ESP algorithms wanted: 3_000-1,
flags=-strict
000 "S_Sonicwall__200_0": ESP algorithms loaded: 3_000-1,
flags=-strict
000
000 #7: "S_Sonicwall__200_0":500 STATE_MAIN_R1 (sent MR1, expecting
MI2);
EVENT_RETRANSMIT in 12s; nodpd
000 #10: "S_Sonicwall__200_0":500 STATE_MAIN_I1 (sent MI1, expecting
MR1);
EVENT_RETRANSMIT in 39s; nodpd
000 #10: pending Phase 2 for "S_Sonicwall__200_0" replacing #0
000 #8: "S_Sonicwall__200_0":500 STATE_MAIN_R1 (sent MR1, expecting
MI2);
EVENT_RETRANSMIT in 21s; nodpd
000 #6: "S_Sonicwall__200_0":500 STATE_MAIN_R1 (sent MR1, expecting
MI2);
EVENT_RETRANSMIT in 6s; nodpd
000 #5: "S_Sonicwall__200_0":500 STATE_MAIN_R1 (sent MR1, expecting
MI2);
EVENT_RETRANSMIT in 1s; nodpd
000 #9: "S_Sonicwall__200_0":500 STATE_MAIN_R1 (sent MR1, expecting
MI2);
EVENT_RETRANSMIT in 39s; nodpd
000
This thread was automatically locked due to age.
