Can't Access Remote Sonic Wall VPN through Pfsense
-
I am looking for some support on my issue connecting to my company's Sonicwall VPN remotely. I am posting this question here because I am using a pfSense router at home and for some reason, I cannot access the VPN.
I can access the VPN from the same computer when I hotspot my phone on wifi. This leads me to believe there is something going on with my pfSense config.
I am not a pfSense or IT expert so please be gentle.
The logs on my Sonicwall client are shown below:
Starting ISAKMP phase 1 negotiation.
An error occurred.
The peer is not responding to phase 1 ISAKMP requests.
Starting ISAKMP phase 1 negotiation.
I am looking for some advice on how to troubleshoot this and fix it.
Thank you in advance!
-
Almost always because the default outbound NAT rules have been changed and you no longer have a rule using static source ports for port 500 traffic. That is required for most IPSec connections through the firewall.
Is that possible?
Steve
-
Thanks for the reply Stephen.
So I have copied what I assume are autogenerated rules for the WAN interface to set up a couple of OpenVPN clients (screenshot below).
Is it possible this is the issue? I don't think (or remember) making any changes to the WAN NAT mappings.
-
@misterjtc said in Can't Access Remote Sonic Wall VPN through Pfsense:
> So I have copied what I assume are autogenerated rules for the WAN interface to set up a couple of OpenVPN clients (screenshot below).
> Is it possible this is the issue?
So you're running OpenVPN clients on pfSense?
Do you direct the traffic from that computer over one of these VPNs?
-
Yup could be something to do with policy routing IPSec over OpenVPN.
Your Outbound NAT rules look correct though. Assuming your client is in the 192.168.86.0/24 subnet you have a rule with static source ports for port 500.
Steve
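The static-source-port check discussed in the replies above can be run offline against saved `pfctl -sn` output. This is an added example, not code from the thread or from pfSense; the rule lines, interface name and addresses are constructed, and the sketch assumes pf's first-match behaviour for NAT rules and does not resolve tables or aliases.

```python
import ipaddress
import re

# Constructed sample in the style of `pfctl -sn` output; interface name and
# addresses are placeholders, not taken from the thread's screenshot.
BROKEN = """\
nat on em0 inet from 192.168.86.0/24 to any -> 203.0.113.10 port 1024:65535
"""
FIXED = """\
nat on em0 inet from 192.168.86.0/24 to any port = isakmp -> 203.0.113.10 static-port
nat on em0 inet from 192.168.86.0/24 to any -> 203.0.113.10 port 1024:65535
"""

RULE = re.compile(
    r"^nat on \S+ (?:inet6? )?(?:proto \S+ )?from (?P<src>\S+) to \S+"
    r"(?: port = (?P<dport>\S+))? -> (?P<target>.+)$"
)
IKE_PORTS = {"500", "isakmp"}  # pfctl prints the service name for port 500


def first_ike_match(rules_text, client_ip):
    """Return (rule, keeps_source_port) for the first NAT rule that would
    translate port-500 traffic from client_ip, or (None, False)."""
    client = ipaddress.ip_address(client_ip)
    for line in rules_text.splitlines():
        m = RULE.match(line.strip())
        if not m:
            continue  # not a nat rule, or a form this sketch does not parse
        src, dport = m["src"], m["dport"]
        if src != "any":
            try:
                if client not in ipaddress.ip_network(src, strict=False):
                    continue  # rule covers a different source subnet
            except ValueError:
                continue  # tables/aliases are not resolved here
        if dport is not None and dport not in IKE_PORTS:
            continue  # rule is limited to some other destination port
        # First match wins: report whether it preserves the source port.
        return line.strip(), "static-port" in m["target"].split()
    return None, False
```

A result of `(rule, False)` means IKE traffic from that client leaves with a rewritten source port, which is the condition described in the first reply.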