[ previous ] [ next ] [ threads ]
 From:  "Philippe Lang" <philippe dot lang at attiksystem dot ch>
 To:  "Jonathan Simpson" <jsimpson at theatsgroup dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] ipsec, sonicwall to m0n0wall.
 Date:  Tue, 6 Feb 2007 14:38:43 +0100
Jonathan Simpson wrote:
> I've been struggling with this for days.  I'm trying to establish a
> connection between us and one of our business partners, we have a
> m0n0wall at our end and they have a sonicwall. We are both using main
> mode, all other settings have been checked over to match a dozen
> times, identifier is IP. The only error I see in my logs (there are
> lots of debugs) is racoon: ERROR:    
> not acceptable Identity Protection mode.
> I've googled this error a dozen times over and all I can find is a
> reference to doing this on a netgear and aggressive/main not
> matching.  This shouldn't be an issue there. The guy on the remote
> side claims the connection is timing out.   
> Sorry for the long winded question, I really don't have that much
> ipsec knowledge.  I appreciate any help. 
> Jonathan


I'm personnally using the following configuration, with a sonicwall and
a monowall, and it works. You might give it a try:

Phase 1:
Main Mode
DH Group: Group 2
Encryption: 3DES
Authentication: MD5

Phase 2:
Encryption: 3DES
Authentication: MD5
Enable Perfect Forward Secrecy disabled

This is certainly not the best secure VPN tunnel ever, but sufficient in
our case.

I'm using monowall 1.22 and SonicOS Enhanced

Hope this helps.


Philippe Lang