I’m installing a Sonicwall Soho for a client, I’ve already set the comcast modem to bridge mode and created the VPN Wan and all that Jazz.
When trying to connect from the Global VPN Client (sonicwall) it just hangs on connecting and never prompts for secret.
This is the error I’m getting:
The peer is not responding to phase 1 ISAKMP requests.
To make matters even more interesting, I tried connecting to another client’s network which I had in the past and I’m now unable to connect.
Are there any new settings I may be missing?
Open the connection properties on the client and check " Restrict the size of the first ISAKMP packet sent"
Did fthedones solution work? If not, try toggling the Gvpn service in the vpn settings of the sonicwall. It’ll disconnect everyone briefly but should auto connect them once re-enabled.
Two questions.
Can another clients connect to THIS sonicwall.
Can this client connect to ANOTHER sonicwall.
That will help tell you where the problem is.
I would run a pcap in the firewall for UDP 500/4500 and confirm the modem is allowing the traffic.
I’ve seen this before too, that check box didn’t do it for me. From where you’re connecting from, try modifying the MTU size down to 1400.
I have this happen to me all the time. Try going into the X1 interface settings and change the MTU from 1500 to 1499 and save it. Then change it back to 1500 and save. That should resolve the issue.
Thank you all for your input!
I ended up going through an onsite Comcast tech, 2 remote techs and then bit the bullet and paid for the SonicWall support.
All settings were correct on the firewall and the tech was pretty much saying there was nothing he could do. I convinced him to look over the modem with me and we found a “redirect” option which was redirecting the VPN to God knows where (old IT mess).
Removed that setting and good to go!
Came here to post exactly this ^^^^
It was a freaking redirect option in the Comcast modem which was redirecting the connection to God knows where.
Give this man a medal. This saved my day today.
Did fthedones solution work? If not, try toggling the Gvpn service in the vpn settings of the sonicwall. It’ll disconnect everyone briefly but should auto connect them once re-enabled.
Nope, it was a freaking redirect option in the Comcast modem which was redirecting the connection to God knows where.
Can this client connect to ANOTHER sonicwall.
It was a freaking redirect option in the Comcast modem which was redirecting the connection to God knows where.
How did you end up deactivating that redirect?
From within the Comcast modem, there was a setting (forgot the name by now) that had another IP filled out.