Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Problem with S2S VPN b/w Cisco ASA 5540 and DELL SONICWALL NSA 240

Guys... Need Help here with a Problem.


i have Cisco ASA 5540 and trying to make IPSEC Site-2-Site VPN with a client (their device is DELL SONICWALL NSA 240).


ALL parameters of Phase I and II are exactly matching ..... i have tried many possibilities but somehow phase II is NOT coming UP. i have checked it on different forums and found that i am NOT the only one who is facing this problem with these two devices but couldnt find a solution to this problem.


One Anomaly .... My Public leg of ASA is behind a NAT Public IP but somehow on DELL SONICWALL NSA 240 firewall ..... my NAT (Live IP) and actual private IP of my ASA public leg is shown in the Logs.

quick help would be much appriciated.

1 REPLY
New Member

Problem with S2S VPN b/w Cisco ASA 5540 and DELL SONICWALL NSA

Finally the testing is successful on Sonicwall NSA 240 as well with Cisco ASA. Actually somehow Sonicwall firewall was discovering my VPN Box's Public leg (Private IP (10.10.50.10)) as well, which was behind a Live Peer IP (203.124.x.x). As per security policies it shouldnt have been discovered on the remote end. i will bring this in Cisco TAC notice.


Logs of Sonicwall were showing ASA local ike id as "203.124.x.x" & ASA Remote ike id "10.10.50.10".


Sonicwall sets these two parameters with PSK (local ike id & remote ike id). This is other than setting the Peer IP. i asked my client to add my ASA actual and NAT IP in these two parameters and the VPN got UP.

221
Views
0
Helpful
1
Replies