No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

The IPSEC VPN interconnect instance between USG2110 and sonicwall firewall

Publication Date:  2012-09-14 Views:  1813 Downloads:  0
Issue Description
The IPSEC VPN interconnect instance between USG2110 and sonicwall firewall
Topology:USG2110(embranchment)—internet—sonicwall(headquarters)
Establish IPSEC VPN by making over related configuration on sonicwall basic. 
Alarm Information
NULL 
Handling Process



ike local-name huawei.com

#
ike proposal 1
encryption-algorithm 3des-cbc
dh group2                    (dh group should be identical)
sa duration 28800
#
ike peer zongbu
exchange-mode aggressive      (aggressive mode)
pre-shared-key cnooc_ccw2009
ike-proposal 1
local-id-type name            (choose the name certificate way)
remote-name beijing.com
remote-address 202.108.65.92          
nat traversal
#
ipsec proposal 1
esp authentication-algorithm sha1
esp encryption-algorithm 3des    (encryption is 3des,should be identical with above)
#
ipsec policy fengbu 1 isakmp
security acl 3000
ike-peer zongbu
proposal 1
sa duration traffic-based 28800   (IKE 2rd phase, alive time should be same with above)
#
interface Ethernet2/0/0
undo ip fast-forwarding qff        (Shutdown fast forwarding)
dhcp client enable
ipsec policy fengbu
Root Cause
NULL 
Suggestions
The tunnel cannot be build commonly because the variance of both side parameter, please check whether both side parameter is identical or not. 

END