Would love suggestions on how to get the UTM 9 and TZ 105 site-to-site working. The UTM 9 is running in an AWS VPC and the TZ is on-site with a static public IP.
Even with an explicit UDP 500 rule, I see the drop. Any way to disable the rule?
Default DROP UDP x.x.x.x : 500 → y.y.y.y : 500 len=284 ttl=64 tos=0x00 srcmac=a:ba:40:47:20:91
Sonicwall VPN IPSec Received notify: INVALID_ID_INFO
UTM 9
2014:05:23-05:00:33 ]: | DOI: ISAKMP_DOI_IPSEC
2014:05:23-05:00:33 ]: | protocol ID: 1
2014:05:23-05:00:33 ]: | SPI size: 16
2014:05:23-05:00:33 ]: | Notify Message Type: R_U_THERE
2014:05:23-05:00:33 ]: | emitting 8 raw bytes of notify icookie into ISAKMP Notification Payload
2014:05:23-05:00:33 ]: | notify icookie 97 c4 e9 46 bf a4 81 fc
2014:05:23-05:00:33 ]: | emitting 8 raw bytes of notify rcookie into ISAKMP Notification Payload
2014:05:23-05:00:33 ]: | notify rcookie 77 d8 7d 6d d2 9c 53 fa
2014:05:23-05:00:33 ]: | emitting 4 raw bytes of notify data into ISAKMP Notification Payload
2014:05:23-05:00:33 ]: | notify data 00 00 23 1a
2014:05:23-05:00:33 ]: | emitting length of ISAKMP Notification Payload: 32
2014:05:23-05:00:33 ]: | emitting 12 zero bytes of encryption padding into ISAKMP Message
2014:05:23-05:00:33 ]: | emitting length of ISAKMP Message: 92
2014:05:23-05:00:33 ]: | sent DPD notification R_U_THERE with seqno = 8986
2014:05:23-05:00:33 ]: | inserting event EVENT_DPD, timeout in 30 seconds for #2
2014:05:23-05:00:33 ]: | next event EVENT_NAT_T_KEEPALIVE in 20 seconds
2014:05:23-05:00:33 ]: |
2014:05:23-05:00:33 ]: | *received 176 bytes from x.x.x.x:4500 on eth0
2014:05:23-05:00:33 ]: | **parse ISAKMP Message:
2014:05:23-05:00:33 ]: | initiator cookie:
2014:05:23-05:00:33 ]: | 97 c4 e9 46 bf a4 81 fc
2014:05:23-05:00:33 ]: | responder cookie:
2014:05:23-05:00:33 ]: | 77 d8 7d 6d d2 9c 53 fa
2014:05:23-05:00:33 ]: | next payload type: ISAKMP_NEXT_N
2014:05:23-05:00:33 ]: | ISAKMP version: ISAKMP Version 1.0
2014:05:23-05:00:33 ]: | exchange type: ISAKMP_XCHG_INFO
2014:05:23-05:00:33 ]: | flags: none
2014:05:23-05:00:33 ]: | message ID: 25 f1 fa 31
2014:05:23-05:00:33 ]: | length: 176
2014:05:23-05:00:33 ]: | ICOOKIE: 97 c4 e9 46 bf a4 81 fc
2014:05:23-05:00:33 ]: | RCOOKIE: 77 d8 7d 6d d2 9c 53 fa
2014:05:23-05:00:33 ]: | peer: 60 38 a1 ee
2014:05:23-05:00:33 ]: | state hash entry 31
2014:05:23-05:00:33 ]: | state object #2 found, in STATE_MAIN_R3
2014:05:23-05:00:33 ]: "S_Corporate CLV" #2: Informational Exchange message must be encrypted
2014:05:23-05:00:33 ]: | next event EVENT_NAT_T_KEEPALIVE in 20 seconds