• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Site to Site VPN ISA 2004 and Sonicwall

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Site to Site VPN ISA 2004 and Sonicwall Page: [1]
Login
Message << Older Topic   Newer Topic >>
Site to Site VPN ISA 2004 and Sonicwall - 28.Jun.2005 3:11:00 AM   
Guest
I try to create a Site To Site VPN connection between a Sonicwall TZ 170 and an ISA Serevr 2004 (ISA 2004 SP1, OS: Windows 2003 Server SP1) box. I followed the guide from Microsoft: "Configuring IPSec SiteToSite Connections between ISA Server 2004 and Third Party Gateways". The VPN Connection between the sites seems to be OK.
I have created two access rules to open all traffic from each site to the other. Also I have created the network rule as a route.
I can ping Systems from both sides to both sides.
But when I try to open other connections from LAN->Sonicwall->ISA->LAN(e.g. Outlook -> Exchange 2003, http to an Intranetserver, SAP, FTP to an Intranetserver) this will fail (timeout with error)? Name resolution via DNS works fine.

Any ideas?
  Post #: 1
RE: Site to Site VPN ISA 2004 and Sonicwall - 28.Jun.2005 7:31:00 PM   
ClintD

 

Posts: 1848
Joined: 26.Jan.2001
From: Keller, TX
Status: offline
You'll probaby have to break out NetMon to see what's getting dropped.

On your PING, are you using the default 32 bytes of data, or are you specifying a larger payload?

ping server -f -l 1400

(in reply to Guest)
Post #: 2
RE: Site to Site VPN ISA 2004 and Sonicwall - 29.Jun.2005 2:07:00 AM   
Guest
You are right. When I use ping -f -l 1378 it is OK. Any value greater than 1378 failed. I think it has something to do with the MTU size of our Sonicwall router. I will check this now.

Thanks for the in info.

(in reply to Guest)
  Post #: 3
RE: Site to Site VPN ISA 2004 and Sonicwall - 23.Sep.2005 7:11:00 AM   
Andy2Long

 

Posts: 16
Joined: 7.Oct.2003
From: Torrance, CA
Status: offline
I found this article (PDF) on the SonicWall web site:

http://www.sonicwall.com/support/pdfs/technotes/VPN_Interoperability_Between_SonicOS_3_1_Enhanced_and_Microsoft_ISA_Server_2004.pdf

I hope that it helps.

Andy

(in reply to Guest)
Post #: 4
RE: Site to Site VPN ISA 2004 and Sonicwall - 8.Oct.2005 3:58:00 AM   
Andy2Long

 

Posts: 16
Joined: 7.Oct.2003
From: Torrance, CA
Status: offline
GRRR...

SonicWall web site will not allow direct access to the link in my last message. Use this instead:

http://www.sonicwall.com/support/SonicOS_FW_documentation.html

Look for the "VPN Interoperability Between SonicOS 3.1 Enhanced and Microsoft ISA Server 2004" link and open or download the PDF.

Andy

(in reply to Guest)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Site to Site VPN ISA 2004 and Sonicwall Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts