Pfsense and sonicwall

A Former User

i have a pfsense box at home and a sonicwall firewall at work and i would like to setup a temporary VPN tunnel between pfsense and sonicwall.

i have no problem connecting to other sonicwall firewalls at other sites, but that is a little easier (for me) since the hardware and firmware on the sonicwalls are the same.

however, i have never done this from the pfsense side and i am not sure what the proper steps are.

thanks.

dotdash

It's not a big deal, just don't use the sonic proprietary ID as the identifier. Use the IP address and match all the settings. In my experience, tunneling to a sonic will intermittently stop passing traffic for no good reason at all. I attribute this to the fact that sonicOS was created by the devil himself. Others may have different explanations.

A Former User

@dotdash:

It's not a big deal, just don't use the sonic proprietary ID as the identifier. Use the IP address and match all the settings. In my experience, tunneling to a sonic will intermittently stop passing traffic for no good reason at all. I attribute this to the fact that sonicOS was created by the devil himself. Others may have different explanations.

thank you for the reply.  i was looking for a bit more detail, where do i start on the pfsense side?  will i be creating 1 connection under the ipsec section?

thanks.

podilarius

If it is just IPsec and only a site-to-site, then you are only going to create 1 connection. You will need to create a Phase1 and a matching Phase2. You will just match the encryption type and other between the 2 sites. Also, please search.
First hit on google: http://doc.pfsense.org/index.php/VPN_Capability_IPsec#Site_to_Site_VPN_Explained

or

http://community.spiceworks.com/how_to/show/3241-setup-a-ipsec-vpn-between-pfsense-ans-sonicwall-tz

Once you get through that and it still doesn't work, then we can help you further.

A Former User

@podilarius:

If it is just IPsec and only a site-to-site, then you are only going to create 1 connection. You will need to create a Phase1 and a matching Phase2. You will just match the encryption type and other between the 2 sites. Also, please search.
First hit on google: http://doc.pfsense.org/index.php/VPN_Capability_IPsec#Site_to_Site_VPN_Explained

or

http://community.spiceworks.com/how_to/show/3241-setup-a-ipsec-vpn-between-pfsense-ans-sonicwall-tz

Once you get through that and it still doesn't work, then we can help you further.

http://community.spiceworks.com/how_to/show/3241-setup-a-ipsec-vpn-between-pfsense-ans-sonicwall-tz

i followed those directions and under ipsec status on the pfsense box i have a yellow box.

followed those directions, making the necessary changes.

no green light on the sonicwall.

i confirmed the settings, they are the same, minus the local networks, on both sides.

EDIT- i got it working, i had to create a rule for ipsec, by default there is no rule.

green box on pfsense and green circle on sonicwall.

dotdash

From memory, 3DES is more reliable than AES when connecting to a sonic. It may also help to disable DPD and NAT-T.