PermaLink SonicWall VPN Client Doesn't Work Behind NAT Firewall02/13/2007 11:50 PM
You'd think an IPSEC client is an IPSEC client, but I guess not.  I use a SyGate firewall for the network and it allows the Cisco VPN Client through w/ no problems.  The SonicWall VPN client does not.  It just keeps logging "peer is not responding to phase 1 ISAKMP requests".  If you search for this in SonicWall's knowledgebase, you'll quickly find out that their VPN client has issues w/ NAT firewalls, even if you tell it to do NAT traversal.  You also can't use Cisco's VPN Client to talk to a SonicWall Firewall.  If you want your users to be happy, get a Cisco Firewall and avoid the SonicWall
Comments :v

1. Jairo Montenegro11/13/2015 01:37:14

This is the solution: in the config menu of your Router (or firewall router, I'm not sure) you must have activated (enable) all options of the "ALG Configuration": I think that IPSEC disable is actually the problem, but enable all options is the easiest way.

2. Nikita Agarwal09/17/2015 05:33:28

I am getting error - "Peer is not responding to phase 1 ISAKMP requests" using MTS postpaid dongle. But when I try using MTS Prepaid dongle or any other device for connectivity, it works fine. Using SonicWall Global VPN client on windows 8.

3. Alex01/04/2013 08:09:23

Just throw your freakin sonicwall into dustbin and wash your hand. then your life will be very smooth.

4. Tom Brock11/05/2012 15:34:16

We have just moved from TZ 170 SP to a TZ 210 with the enhanced OS. I was able to use the configuration tool and upgrade properly to the enhanced OS.

Ours is a very simple setup as we have about 12 remote desktops users (VPN) going from windows 7 machines to server 2008. No Problem there.

Our ISP is Logix and we have a network connection into the black box(from out network switch) to run the phone system- no problem there.

The only problem we have is with one person in Houston (we are in Dallas) with his remote ip phone. *This is not, nor do we want VOIP) They had no problem prior to my exchange of firewalls last week. After the hookup, the phone had no problem connecting from either end just by pressing the same keys on the ESI phone system that we always have. However for no reason and at different times the remote phone will disconnect in the middle of a conversation and then reconnect some 30-40 seconds later. IT is not losing power. Internet connectivity is fine at both ends- no loss there.

The current settings as "translated " from the original using UDP port 59001

are: (under Network/nat policy/ Original source -Any, translated source- any, original destination-any, translated destination-, original source -Remote phone, translated source-Original, inbound and outbound interface- any, NAT policy is checked. Nat method on advanced page is "sticky IP" and is grayed out- so no change is possible.

The firewall policy is wan to lan, service-remote phone, source-any, destination-wan interface ip, all users allowed and always on.

We use none of the security services of the firewall.

Does anyone see any problem with this configuration that would allow in the middle of the conversation for the remote phone to try and reconnect. The phone service man- thinks there is something wrong internally with the phone and that may be, however I am concerned about the coincidence of the problem occurring at the time of the exchange of firewalls.

Any suggestions, ideas or considerations. They are all quite welcomed.


Tom in Dallas

5. cyberghost01/16/2012 10:05:31

We use TZ170. My computer is Windows 7 64-bit with Client
My VPN connection would work with the ethernet cable plugged in, but not over wifi
I went to the network adapter settings, from the Network and sharing center, and found that I had two wireless adapters. One of them was connected to a wifi network, and the second one was disconnected. I have disabled this second one, and right away, the VPN client started to work.

6. Jono07/21/2011 08:04:47

I know this is an OLD thread, but I have had the same problem and I'm using a Netgear FR114P.
I fixed it by unchecking the option to "Drop Fragmented IP Packets" on the firewall.
Hope this helps anyone that stumbles across this in the future!

7. Mani09/01/2009 22:58:57

My system is behind sonicwalll. I am trying to use a software to send efaxes. I think my sonicwall is restricting me form sending faxes. please suggest what need to be checked


8. Frank Kjaer 07/11/2008 13:52:36

I have same problem with a Phillps router trying to connect to the SonicWall via the VPN client. The log just keep saying :
"An incoming ISAKMP packet from "IPadress" was ignored."
"The peer is not responding to phase 1 ISAKMP requests."
Change the Phillps router to Linksys - Works fine.
SonicWall shoud drown in coffee...

9. Nikola02/14/2008 09:46:15

I have similar problem. I'm trying to connect to remote Sonicwall VPN router from our corporate network which is behind NETGEAR Firewall/router. I have this error in the SonicWall VPN Client
"The peer is not responding to phase 1 ISAKMP requests."
I've tested the client form another computer that is connected directly to the internet and has real static IP and no firewalls behind. It works perfect. So I concluded that the problem is with NETGEAR's NAT or ... I don't know.

10. Jon12/10/2007 02:58:47

If you are still trying to use the client through your Sysgate firewall try disabling NAT Traversal in the client!

11. Ken Yee06/11/2007 17:53:19

Steve: no other clues. Other folks had a similar problem on SonicWall's forums, but no one had an answer. I'll chalk it up to crappy programming
I worked around my issue by punching a hole through the SonicWall firewall and setting up a Linux OpenVPN server on the other end of the hole. At least that's a standard IPSEC server

12. Steve Riggins06/11/2007 10:22:14

I have a problem with SonicWall and Apple's Airport N Router - same issue, blocked at phase 1 ISAKMP. However it works with my linksys WRT54GS.

Any more clues on this problem?
steve at geeksrus dot com

13. Evan03/08/2007 14:20:03

We're trying to set up a VPN between our client and us; we have a Sonicwall firewall, they have a Checkpoint one. We've had trouble making this systems get along because of the idiosyncrasies of setting up via these two firewalls. Anyone have any experience making this work?

Start Pages
RSS News Feed RSS Comments Feed CoComment Integrated
The BlogRoll
June 2024
Contact Me
About Ken
Full-stack developer (consultant) working with .Net, Java, Android, Javascript (jQuery, Meteor.js, AngularJS), Lotus Domino