The Peer is Not Responding to Phase 1 ISAKMP Requests

I got this error when trying to connect using my VPN client tool (Dell SonicWall Global VPN Client). It fails when I am connected to the internet via our Home broadband (Foxtel) but it connects successfully when I am connected to mobile data hotspot (Vodafone).

I found two ways to overcome this error

  1. Configure the VPN Client to restrict the packet size on the first ISAKMP request:
    1. On the SonicWall GVC – File > Properties
    2. General tab > Enable “Restrict the size of the first ISAKMP packet sent” (at the bottom)
    3. If this setting is not available, you will need to update your VPN client. In my case, the user didn’t have admin rights so I had to do step 2 instead.
  2. Configure your wifi (broadband) to increase the MTU size (Maximum Transmission Unit). When connecting to a peer via the internet, there are many devices along the way that the data packets go through. If one of these network devices have an MTU size smaller than the packet size being transmitted, the packets will be fragmented which will cause our error above. The following are the steps I took to configure my router (with Foxtel)
    1. Connect to your router via a browser (you’ll have been provided a username and password by your ISP provider)
    2. Advanced > Setup > WAN Setup
    3. In the MTU size field, enter a value between 64 to 1500. In my case the size was already at 1400 so I changed it to the maximum (1500) and this has fixed the VPN connectivity.

 

 

Add a Comment

Your email address will not be published. Required fields are marked *