Pfsense and sonicwall
-
i have a pfsense box at home and a sonicwall firewall at work and i would like to setup a temporary VPN tunnel between pfsense and sonicwall.
i have no problem connecting to other sonicwall firewalls at other sites, but that is a little easier (for me) since the hardware and firmware on the sonicwalls are the same.
however, i have never done this from the pfsense side and i am not sure what the proper steps are.
thanks.
-
It's not a big deal, just don't use the sonic proprietary ID as the identifier. Use the IP address and match all the settings. In my experience, tunneling to a sonic will intermittently stop passing traffic for no good reason at all. I attribute this to the fact that sonicOS was created by the devil himself. Others may have different explanations.
-
It's not a big deal, just don't use the sonic proprietary ID as the identifier. Use the IP address and match all the settings. In my experience, tunneling to a sonic will intermittently stop passing traffic for no good reason at all. I attribute this to the fact that sonicOS was created by the devil himself. Others may have different explanations.
thank you for the reply. i was looking for a bit more detail, where do i start on the pfsense side? will i be creating 1 connection under the ipsec section?
thanks.
-
If it is just IPsec and only a site-to-site, then you are only going to create 1 connection. You will need to create a Phase1 and a matching Phase2. You will just match the encryption type and other between the 2 sites. Also, please search.
First hit on google: http://doc.pfsense.org/index.php/VPN_Capability_IPsec#Site_to_Site_VPN_Explainedor
http://community.spiceworks.com/how_to/show/3241-setup-a-ipsec-vpn-between-pfsense-ans-sonicwall-tz
Once you get through that and it still doesn't work, then we can help you further.
-
If it is just IPsec and only a site-to-site, then you are only going to create 1 connection. You will need to create a Phase1 and a matching Phase2. You will just match the encryption type and other between the 2 sites. Also, please search.
First hit on google: http://doc.pfsense.org/index.php/VPN_Capability_IPsec#Site_to_Site_VPN_Explainedor
http://community.spiceworks.com/how_to/show/3241-setup-a-ipsec-vpn-between-pfsense-ans-sonicwall-tz
Once you get through that and it still doesn't work, then we can help you further.
http://community.spiceworks.com/how_to/show/3241-setup-a-ipsec-vpn-between-pfsense-ans-sonicwall-tz
i followed those directions and under ipsec status on the pfsense box i have a yellow box.
followed those directions, making the necessary changes.
no green light on the sonicwall.
i confirmed the settings, they are the same, minus the local networks, on both sides.
EDIT- i got it working, i had to create a rule for ipsec, by default there is no rule.
green box on pfsense and green circle on sonicwall.
-
From memory, 3DES is more reliable than AES when connecting to a sonic. It may also help to disable DPD and NAT-T.