Thursday, April 05, 2007

I wanted to add this little piece of knowledge to the online community and hope it's found useful for someone. While working with some Sonicwall firewalls, I needed to create a VPN tunnel between two units. It was a basic and simple VPN that was mostly comprised of default settings.
The
VPN tunnel wasn't coming up for me and in the log there was the message:

Received notify: INVALID_ID_INFO

This was an interesting message and it really had nothing to do with the identification of the tunnel or addresses or, SA name or description, or even with the remote firewall's names or descriptions. It was caused by having both of the
Sonicwalls in Aggressive mode for Phase 1 of the tunnel establishment. Switching both to Main mode solved the problem. The setting can be found in the VPN policy Proposals Tab.



Once this change was done, the VPN came right up and the two sites were communicating with each other. This is a setting that can catch some one off-guard and the message that inserted into the log can be deceiving. It can make one think the the name of something is incorrect. Sonicwall's support can have you running in circles too.

As a reminder:

Remote Support On The Web

For PC remote support software try a fast growing and affordable remote support solution. Support somputers over the web almost instantly and do it without creeating a crunch in your budget. Deliver remote tech support software to your users from the office and then from home or another office. If your Internet access provider changes, that's ok, this system is dynamic and can adapt to the changes so your not stuck and unable to continue supporting your users remotely. Some support systems provide you with a static program then if your ISP changes or you want to support your clients, customers or company end-users from another location you have to buy another program. This isn't the way it should be. This system is created in such a manner that you can change ISPs or locations and the programs provided to you for remote support on the web still work. Instantlay they are aware of the changes and the very next time your users connect for remote support from you the software already are using the new settings.


1 comment:

Jack Walsh said...

I've been using sonicwall appliances for firewall and vpn services for years. I get very few support call backs or complaints from my customers when I use sonicwall devices. They are very cost effective and there's a model for almost any size organization. Features could be added by upgrading the firmware and licenses on the units. If for example you were to get a 10 user modem for a small company then they grow and add several more desktop computers or other networked devices that need Internet access, the licenses can be upgraded to a 25 user or even an unlimited user version.