Here's a brief technote on configuring a site-to-site VPN between ASG V6 and a SonicWALL TZ170 VPN appliance.
SonicWALL info:
Model: TZ 170 Standard
Firmware: SonicOS Standard 3.1.0.15-95s
ROM: SonicROM 3.0.0.6
ASG info:
Version: 6.303
IP Info:
Tested with DDNS on both VPN endpoints
ASG VPN configuration:
Type: Standard
IPSec Policy: 3DES_PFS
Auto Packet Filter: On
Strict Routing: Off
Local Endpoint: ASG Public interface
Remote Endpoint: TZ170 Public interface (configured for DNS hostname in Definitions -> Networks)
Local Network: ASG internal LAN
Remote Network: TZ170 internal LAN (configured in Definitions -> Networks)
Key: PSK
TZ170 VPN Configuration:
IPSec Keying Mode: IKE Using Preshared Secret
IPSec Primary Gateway Name or Address: ASG DNS hostname
IPSec Secondary Gateway Name or Address: 0.0.0.0
Destination Networks: ASG internal LAN
Proposals:
IKE (Phase 1) Proposal:
Exchange: Aggressive Mode
DH Group: Group 5
Encryption: 3DES
Authentication: MD5
Life Time (seconds): 28800
IKE (Phase 2) Proposal:
Protocol: ESP
Encryption: 3DES
Authentication: MD5
Enable Perfect Forward Secrecy: checked
DH Group: Group 5
Life Time (seconds): 28800
Advanced:
Enable Keep Alive: checked
Works here. Main Mode should also work, but I haven't tested (yet). There is some more info available on the OpenSwan site: http://wiki.openswan.org/index.php/Openswan/SonicWall. The SonicWALL doc is pretty old on this, and is misleading (now) due to its reference to Sonic Enhanced (which is no longer required for such connections).
Hope this helps somebody else, as I know that these little TZ170's are pretty popular these days.
This thread was automatically locked due to age.