MAX BR1 HW1 not able to IPSEC to Sonicwall


#1

I have a BR1 that is OG HW1. I can only update it to 6.3.5 firmware since 7.0 is not supported. I have tried everything to get it to do a basic IPSEC tunnel to my Sonicwall and it does not work. The same settings on a Balance 210 running 7.0 work fine when I swap the BR1 out for it. I suspect it’s a firmware bug but wanted to know if anyone has experienced this and has a workaround. It appears that it has something to do with the peer name it sends over, as it’s trying to use the generic WLAN tunnel rather than the specific tunnel created for this peer. If I finagle it using the IP, it gets past that and attempts to connect to the correct tunnel, but then I get malformed header errors. I have to use aggressive mode here since the pep will be on cellular and/or wired WAN/WiFi WAN, so using the IP was merely a troubleshooting step.

Sadly, the 210 works flawlessly without any real grumbling. Quick to configure and connect. Go figure.


#2

This should work to a Sonicwall. What are the local and remote IDs used with aggressive mode?


#3

I’ve tried a multitude of things, but here is what I use on the 210 without issue:

- local ID: salespeplink.mydomain
- remote ID: colofirewall.mydomain

I obviously replaced my real domain above with mydomain.

I’ve also tried adding .com to the end of each, using an email address, and using a single word as well, with no change.


#4

Try using the “@” symbol in the string of the local and remote ID fields.


#5

Yup, tried that, basically fake emails. Still did the same thing.