Archived from groups: comp.dcom.vpn (More info?)
Our relative equipment:
- Sonicwall XPRS2 Firewall w/VPN upgrade
- SafeNet SoftRemote Secure VPN Client (latest build available)
- Integrated Intel Centrino 802.11b/g wireless card
(Windows XP Pro on the laptops)
Our VPN has worked fairly well over ethernet. It's not the newest
global VPN client that Sonicwall offers now, but our hardware doesn't
support that client.
We've been unsuccessful establishing a VPN tunnel/connection when
using wifi. I've tried from a couple locations where we can
successfully connect onto the wireless network and hit the net just
fine, but no VPN. At these locations, I have no trouble establishing
a tunnel and working successfully when I switch to ethernet. Exerpt
from log:
-----------------------
14:16:27.142 Interface added: 137.48.241.28/255.255.252.0 on LAN
"Intel(R) PRO/Wireless 2200BG Network Connection".
14:21:18.341
14:21:18.371 My Connections\GroupVPN 10.0.0.0 - Initiating IKE Phase 1
(IP ADDR=[sonicwall pub addy])
14:21:18.411 My Connections\GroupVPN 10.0.0.0 - SENDING>>>> ISAKMP OAK
AG (SA, KE, NON, ID, VID, VID, VID, VID)
14:21:42.305
14:22:18.557 My Connections\GroupVPN 10.0.0.0 - message not received!
Retransmitting!
14:22:18.557 My Connections\GroupVPN 10.0.0.0 - SENDING>>>> ISAKMP OAK
AG (Retransmission)
------------------------
It loops Phase 1 as such.
I have read a few posts concerning conflicts between IPSec and NAT.
It seems the option to allow NAT Traversal on our Sonicwall is
designed to address this, but we have the same issue whether or not
the option is enabled.
I've tried dinking around with a few other settings on the Sonicwall
and on the client software to no avail. I still have to do some
playing around to see if I can get things to work on my home network
where I have control over the WAP settings, but my concern is with the
posts I read, the fixes were generally concentrated on the router/WAP
settings for the wireless network the client was connecting to
(generally using VPN from home). We're looking to use our laptops as
an "on the road" solution, so we do not have such options. Is there
anything we can do within our power to solve this problem?
Thanks for any ideas,
PJ
Our relative equipment:
- Sonicwall XPRS2 Firewall w/VPN upgrade
- SafeNet SoftRemote Secure VPN Client (latest build available)
- Integrated Intel Centrino 802.11b/g wireless card
(Windows XP Pro on the laptops)
Our VPN has worked fairly well over ethernet. It's not the newest
global VPN client that Sonicwall offers now, but our hardware doesn't
support that client.
We've been unsuccessful establishing a VPN tunnel/connection when
using wifi. I've tried from a couple locations where we can
successfully connect onto the wireless network and hit the net just
fine, but no VPN. At these locations, I have no trouble establishing
a tunnel and working successfully when I switch to ethernet. Exerpt
from log:
-----------------------
14:16:27.142 Interface added: 137.48.241.28/255.255.252.0 on LAN
"Intel(R) PRO/Wireless 2200BG Network Connection".
14:21:18.341
14:21:18.371 My Connections\GroupVPN 10.0.0.0 - Initiating IKE Phase 1
(IP ADDR=[sonicwall pub addy])
14:21:18.411 My Connections\GroupVPN 10.0.0.0 - SENDING>>>> ISAKMP OAK
AG (SA, KE, NON, ID, VID, VID, VID, VID)
14:21:42.305
14:22:18.557 My Connections\GroupVPN 10.0.0.0 - message not received!
Retransmitting!
14:22:18.557 My Connections\GroupVPN 10.0.0.0 - SENDING>>>> ISAKMP OAK
AG (Retransmission)
------------------------
It loops Phase 1 as such.
I have read a few posts concerning conflicts between IPSec and NAT.
It seems the option to allow NAT Traversal on our Sonicwall is
designed to address this, but we have the same issue whether or not
the option is enabled.
I've tried dinking around with a few other settings on the Sonicwall
and on the client software to no avail. I still have to do some
playing around to see if I can get things to work on my home network
where I have control over the WAP settings, but my concern is with the
posts I read, the fixes were generally concentrated on the router/WAP
settings for the wireless network the client was connecting to
(generally using VPN from home). We're looking to use our laptops as
an "on the road" solution, so we do not have such options. Is there
anything we can do within our power to solve this problem?
Thanks for any ideas,
PJ