Ryfujk

Why do UK politicians seemingly ignore opinion polls on Brexit?

Why isn't airport relocation done gradually?

Can a rogue use sneak attack with weapons that have the thrown property even if they are not thrown?

What could be the right powersource for 15 seconds lifespan disposable giant chainsaw?

What did it mean to "align" a radio?

What is the accessibility of a package's `Private` context variables?

Deal with toxic manager when you can't quit

Identify boardgame from Big movie

Resizing object distorts it (Illustrator CC 2018)

Can you compress metal and what would be the consequences?

Does a dangling wire really electrocute me if I'm standing in water?

Loose spokes after only a few rides

Return to UK after being refused entry years previously

Is this app Icon Browser Safe/Legit?

Origin of "cooter" meaning "vagina"

What is the motivation for a law requiring 2 parties to consent for recording a conversation

Pokemon Turn Based battle (Python)

Why is the maximum length of OpenWrt’s root password 8 characters?

Can someone be penalized for an "unlawful" act if no penalty is specified?

Aging parents with no investments

Can a flute soloist sit?

Why can Shazam fly?

Worn-tile Scrabble

Why do we hear so much about the Trump administration deciding to impose and then remove tariffs?

site to site vpn between sonicwall and pfsense

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}

2

The problem i am facing is establishment of a site to site VPN in between pfSense( version 2.0.1) and SonicWall Pro2040 Enhanced ( Firmware Version: SonicOS Enhanced 4.2.1.4-7e) .
All of the configuration is done properly , still i got the following error in sonicwall -

Phase 1 and 2 passes properly but problem with "Payload processing" i found that it could be for shared key mismatch but I double check , no mismatch with shared key in both firewall .
It also shows in sonicwall that tunnel is active-

The log from pfSense is below -

In pfSense the tunnel shows inactive .

I am not too expert in firewall, so I will be grateful if will receive a proper guideline in this regard,

vpn pfsense sonicwall

share|improve this question

asked Jan 15 '14 at 6:08

mustaquemustaque

41125

bumped to the homepage by Community♦ 11 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Not sure, but if you have completed phase 2 the tunnel should be up. Looks like it stays up for a little over 30 seconds, then dead peer detection shuts it down. What are your DPD timeouts set to? Do you have traffic going over the tunnel? Have you tried capturing packets while establishing the tunnel and then pushing traffic? Can you paste logs from the same time period so we can match up what happens on either side?
  
  – mpontillo
  Jan 15 '14 at 6:19
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  dpd timeouts set to 10 seconds and retries 5 times.
  
  – mustaque
  Jan 16 '14 at 5:48
  

  
  
  
  

add a comment | 

2

The problem i am facing is establishment of a site to site VPN in between pfSense( version 2.0.1) and SonicWall Pro2040 Enhanced ( Firmware Version: SonicOS Enhanced 4.2.1.4-7e) .
All of the configuration is done properly , still i got the following error in sonicwall -

Phase 1 and 2 passes properly but problem with "Payload processing" i found that it could be for shared key mismatch but I double check , no mismatch with shared key in both firewall .
It also shows in sonicwall that tunnel is active-

The log from pfSense is below -

In pfSense the tunnel shows inactive .

I am not too expert in firewall, so I will be grateful if will receive a proper guideline in this regard,

vpn pfsense sonicwall

share|improve this question

asked Jan 15 '14 at 6:08

mustaquemustaque

41125

bumped to the homepage by Community♦ 11 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Not sure, but if you have completed phase 2 the tunnel should be up. Looks like it stays up for a little over 30 seconds, then dead peer detection shuts it down. What are your DPD timeouts set to? Do you have traffic going over the tunnel? Have you tried capturing packets while establishing the tunnel and then pushing traffic? Can you paste logs from the same time period so we can match up what happens on either side?
  
  – mpontillo
  Jan 15 '14 at 6:19
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  dpd timeouts set to 10 seconds and retries 5 times.
  
  – mustaque
  Jan 16 '14 at 5:48
  

  
  
  
  

add a comment | 

The problem i am facing is establishment of a site to site VPN in between pfSense( version 2.0.1) and SonicWall Pro2040 Enhanced ( Firmware Version: SonicOS Enhanced 4.2.1.4-7e) .
All of the configuration is done properly , still i got the following error in sonicwall -

Phase 1 and 2 passes properly but problem with "Payload processing" i found that it could be for shared key mismatch but I double check , no mismatch with shared key in both firewall .
It also shows in sonicwall that tunnel is active-

The log from pfSense is below -

In pfSense the tunnel shows inactive .

I am not too expert in firewall, so I will be grateful if will receive a proper guideline in this regard,

vpn pfsense sonicwall

share|improve this question

asked Jan 15 '14 at 6:08

mustaquemustaque

41125

share|improve this question

asked Jan 15 '14 at 6:08

mustaquemustaque

41125

share|improve this question

asked Jan 15 '14 at 6:08

mustaquemustaque

41125

asked Jan 15 '14 at 6:08

mustaquemustaque

41125

asked Jan 15 '14 at 6:08

mustaquemustaque

41125

1 Answer
1

active

oldest

votes

0

Looks like you don't have DPD enabled on the Sonicwall. Make sure it's enabled, and that the settings match, or else disable DPD on the pfSense side.

share|improve this answer

answered Jan 15 '14 at 9:03

Chris BuechlerChris Buechler

2,8711016

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  dpd is enable in both firewall, now no error in sonicwall log , but error in pfsense log ,they are 1." no policy found try to generate the policy " 2."no configuration found for ...." 3. failed to begin ipsec sa neogation"
  
  – mustaque
  Jan 15 '14 at 14:25
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  packets out from sonicwall is working and vpn tunnel shows green. No error in sonicwall log. But in pfsense side, the tunnel shows inactive, packets in to sonicwall is 0 , it means the sonicwall can send packets but can receive as pfsense could not send any packets or receiving any packets.log from pfsense - racoon : ERROR : no configuration found for x.x.x.x ( remote IP) raccon : ERROR: failed to begin ipsec sa negotiation . Please help
  
  – mustaque
  Jan 16 '14 at 9:32
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f567352%2fsite-to-site-vpn-between-sonicwall-and-pfsense%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

0

Looks like you don't have DPD enabled on the Sonicwall. Make sure it's enabled, and that the settings match, or else disable DPD on the pfSense side.

share|improve this answer

answered Jan 15 '14 at 9:03

Chris BuechlerChris Buechler

2,8711016

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  dpd is enable in both firewall, now no error in sonicwall log , but error in pfsense log ,they are 1." no policy found try to generate the policy " 2."no configuration found for ...." 3. failed to begin ipsec sa neogation"
  
  – mustaque
  Jan 15 '14 at 14:25
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  packets out from sonicwall is working and vpn tunnel shows green. No error in sonicwall log. But in pfsense side, the tunnel shows inactive, packets in to sonicwall is 0 , it means the sonicwall can send packets but can receive as pfsense could not send any packets or receiving any packets.log from pfsense - racoon : ERROR : no configuration found for x.x.x.x ( remote IP) raccon : ERROR: failed to begin ipsec sa negotiation . Please help
  
  – mustaque
  Jan 16 '14 at 9:32
  

  
  
  
  

add a comment | 

0

Looks like you don't have DPD enabled on the Sonicwall. Make sure it's enabled, and that the settings match, or else disable DPD on the pfSense side.

share|improve this answer

answered Jan 15 '14 at 9:03

Chris BuechlerChris Buechler

2,8711016

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  dpd is enable in both firewall, now no error in sonicwall log , but error in pfsense log ,they are 1." no policy found try to generate the policy " 2."no configuration found for ...." 3. failed to begin ipsec sa neogation"
  
  – mustaque
  Jan 15 '14 at 14:25
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  packets out from sonicwall is working and vpn tunnel shows green. No error in sonicwall log. But in pfsense side, the tunnel shows inactive, packets in to sonicwall is 0 , it means the sonicwall can send packets but can receive as pfsense could not send any packets or receiving any packets.log from pfsense - racoon : ERROR : no configuration found for x.x.x.x ( remote IP) raccon : ERROR: failed to begin ipsec sa negotiation . Please help
  
  – mustaque
  Jan 16 '14 at 9:32
  

  
  
  
  

add a comment | 

Looks like you don't have DPD enabled on the Sonicwall. Make sure it's enabled, and that the settings match, or else disable DPD on the pfSense side.

share|improve this answer

answered Jan 15 '14 at 9:03

Chris BuechlerChris Buechler

2,8711016

share|improve this answer

answered Jan 15 '14 at 9:03

Chris BuechlerChris Buechler

2,8711016

answered Jan 15 '14 at 9:03

Chris BuechlerChris Buechler

2,8711016

answered Jan 15 '14 at 9:03

Chris BuechlerChris Buechler

2,8711016