Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Globel VPN connection error in multiple PC's under NSA 3600 Firewall.

My Sonicwall when connecting via GVPN from outside, its showing the below error.

"failed to receive an incoming isakmp packet. an existing connection was forcibly closed by remote host"


What may be the Couse of this issue.

Id id already the below solution mentioned in SonicWALL support.

https://www.sonicwall.com/support/knowledge-base/the-peer-is-not-responding-to-phase-1-isakmp-requests-error-in-global-vpn-client-gvc/170505733549058/

Possible Solution: Upgrade to 4.9.14 or higher

SonicWall Global VPN Client 4.9.14 provides a new connection property option.

  • Restrict the size of the first ISAKMP packet sent - This option can be used when the Global VPN Client gets an error such as, The peer is not responding to phase 1 ISAKMP requests when attempting to connect. This error can occur when the ISAKMP packet is fragmented due to its size, but the network device (router) does not allow a fragmented packet when establishing the VPN connection.

But issue still persists.

Can Somebody help on this issue.😓

Category: High End Firewalls
Reply

Answers

  • AjishlalAjishlal All-Knowing Sage ✭✭✭✭
    edited August 29

    Hi @gmenon,

    Most probably this issue due to the default WAN GroupVPN policy. You need to make sure that the default WAN GroupVPN policy is enabled. Navigate to VPN >> Settings >> VPN Policies and make sure you enabled WAN GroupVPN Policy as shown in the below screenshot.

    If above steps is fine from your end; Check your client internet connection and verify the UDP 500 port is reachable.

    Global VPN Client uses UDP port 500 for the IKE Phase1 negotiation. However, either your SonicWall WAN IP is not reachable or the UDP port 500 is blocked in between, you will get the same error. So, you need to make sure that you have proper connectivity to the SonicWall to avoid the “The peer is not responding to phase 1 ISAKMP requests” error.

    NB: If your client side modem is enabled the Firewall rule, it might be happen. As well as enable below steps in your client side modem;

    • PPTP Pass-Through
    • IPSec Pass-Through
    • MTU Size make it 1500 (Client side Modem)


Sign In or Register to comment.