SonicOS 188.8.131.52 -> Mikrotik RouterOS 6.48.3 IKEv2 / PRF
while struggling converting an old working configuration from a NSA 3500 over to a NSa 2650 I experienced that SonicOS is handling IKEv2 a bit different than before. The tunnel never comes up and the Mikrotik was complaing about not finding a peer for the provided IKE ID. Which is odd, because the new SNWL was configured exactly the same like before.
To get the tunnel working again I needed to configure the PRF Algorithm on the Mikrotik side:
It was related to the PRF Algorithm which isn't configurable on the SNWL side. AFAIK it has to be the same as configured for Authentication in the SNWL VPN Profile.
Cisco does it in a similar fashion according to this.
Hope this helps if someone else falls into this trap.
Ruckus also I noticed that integrity & PRF algorithm should be same for connecting to the Sonicwall IKeV2 proposal.
@Ajishlal good to know will keep this in mind.
Quick side note: Configuring PRF algorithm on Mikrotik is new with Firmware 6.48. Prior versions working without any trouble.
I had a few RouterOS 6.47.x instances running and the update to 6.48 made the change necessary. So be aware when updating RouterOS.