Netgate Discussion Forum

    Pfsense and sonicwall

      A Former User

      I have a pfsense box at home and a sonicwall firewall at work and I would like to set up a temporary VPN tunnel between pfsense and sonicwall.

      I have no problem connecting to other sonicwall firewalls at other sites, but that is a little easier (for me) since the hardware and firmware on the sonicwalls are the same.

      However, I have never done this from the pfsense side and I am not sure what the proper steps are.

      Thanks.

        dotdash

        It's not a big deal, just don't use the sonic proprietary ID as the identifier. Use the IP address and match all the settings. In my experience, tunneling to a sonic will intermittently stop passing traffic for no good reason at all. I attribute this to the fact that sonicOS was created by the devil himself. Others may have different explanations.

          A Former User

          @dotdash:

          It's not a big deal, just don't use the sonic proprietary ID as the identifier. Use the IP address and match all the settings. In my experience, tunneling to a sonic will intermittently stop passing traffic for no good reason at all. I attribute this to the fact that sonicOS was created by the devil himself. Others may have different explanations.

          Thank you for the reply. I was looking for a bit more detail. Where do I start on the pfsense side? Will I be creating 1 connection under the ipsec section?

          Thanks.

            podilarius

            If it is just IPsec and only a site-to-site, then you are only going to create 1 connection. You will need to create a Phase1 and a matching Phase2. You will just match the encryption type and other between the 2 sites. Also, please search.
            First hit on google: http://doc.pfsense.org/index.php/VPN_Capability_IPsec#Site_to_Site_VPN_Explained

            or

            http://community.spiceworks.com/how_to/show/3241-setup-a-ipsec-vpn-between-pfsense-ans-sonicwall-tz

            Once you get through that and it still doesn't work, then we can help you further.

              A Former User

              @podilarius:

              If it is just IPsec and only a site-to-site, then you are only going to create 1 connection. You will need to create a Phase1 and a matching Phase2. You will just match the encryption type and other between the 2 sites. Also, please search.
              First hit on google: http://doc.pfsense.org/index.php/VPN_Capability_IPsec#Site_to_Site_VPN_Explained

              or

              http://community.spiceworks.com/how_to/show/3241-setup-a-ipsec-vpn-between-pfsense-ans-sonicwall-tz

              Once you get through that and it still doesn't work, then we can help you further.

              http://community.spiceworks.com/how_to/show/3241-setup-a-ipsec-vpn-between-pfsense-ans-sonicwall-tz

              I followed those directions and under ipsec status on the pfsense box I have a yellow box.

              Followed those directions, making the necessary changes.

              No green light on the sonicwall.

              I confirmed the settings, they are the same, minus the local networks, on both sides.

              EDIT- I got it working, I had to create a rule for ipsec, by default there is no rule.

              Green box on pfsense and green circle on sonicwall.

                dotdash

                From memory, 3DES is more reliable than AES when connecting to a sonic. It may also help to disable DPD and NAT-T.

                1 Reply Last reply Reply Quote 0
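
The checks the replies in this thread describe (IP-address identifiers, matching Phase 1 and Phase 2 settings, local networks that are mirrored rather than equal), sketched as an added example that is not part of the thread and not pfSense or SonicWall code. The field names and all sample values are hypothetical and constructed for illustration.

```python
import ipaddress

# Hypothetical field names for illustration; not a pfSense or SonicWall export format.
MUST_MATCH = ("p1_encryption", "p1_hash", "p1_dh_group", "p1_lifetime",
              "p2_encryption", "p2_hash", "p2_pfs_group", "p2_lifetime",
              "dpd", "nat_t")

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def net(value):
    # strict=False so "192.168.10.1/24" and "192.168.10.0/24" compare equal
    return ipaddress.ip_network(value, strict=False)

def check_tunnel(a, b):
    """Return the mismatches between the two ends of one site-to-site tunnel."""
    problems = [f"{k}: {a[k]!r} != {b[k]!r}" for k in MUST_MATCH if a[k] != b[k]]
    # Identifiers and networks are mirrored between the ends, not identical.
    for x, y in ((a, b), (b, a)):
        if not is_ip(x["my_id"]):
            problems.append(f"{x['name']}: identifier {x['my_id']!r} is not an IP address")
        elif x["my_id"] != y["peer_id"]:
            problems.append(f"{x['name']}: my_id does not match {y['name']} peer_id")
        if net(x["local_net"]) != net(y["remote_net"]):
            problems.append(f"{x['name']}: local_net does not match {y['name']} remote_net")
    return problems

# Constructed sample values (documentation address ranges), not taken from the thread.
COMMON = dict(p1_encryption="aes256", p1_hash="sha256", p1_dh_group=14, p1_lifetime=28800,
              p2_encryption="aes256", p2_hash="sha256", p2_pfs_group=14, p2_lifetime=3600,
              dpd=False, nat_t=False)
HOME = dict(COMMON, name="home", my_id="203.0.113.10", peer_id="198.51.100.20",
            local_net="192.168.10.0/24", remote_net="10.20.0.0/24")
WORK = dict(COMMON, name="work", my_id="198.51.100.20", peer_id="203.0.113.10",
            local_net="10.20.0.0/24", remote_net="192.168.10.0/24")
# Same work end with a non-IP identifier and a different Phase 1 DH group.
WORK_BAD = dict(WORK, my_id="constructed-unit-id", p1_dh_group=2)

if __name__ == "__main__":
    for line in check_tunnel(HOME, WORK_BAD) or ["all settings line up"]:
        print(line)
```

An empty result only means the two configurations agree on paper; traffic still needs a pass rule on the IPsec interface, as the EDIT in the thread found.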
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.