Cisco ASA: ‘Received an un-encrypted INVALID_COOKIE notify message, dropping’
Apr06

Cisco ASA: ‘Received an un-encrypted INVALID_COOKIE notify message, dropping’

KB ID 0001421 Problem Saw this in a forum today, and knew what it was straight away! While attempting to get a VPN tunnel up from a Cisco ASA (5508-x) to a Sonicwall firewall this was there debug output; Apr 06 00:45:21 [IKEv1]IP = x.x.x.x, IKE Initiator: New Phase 1, Intf Lan, IKE Peer x.x.x.x local Proxy Address 192.168.90.150, remote Proxy Address 10.252.1.1, Crypto map (Internet_map) Apr 06 00:45:21 [IKEv1 DEBUG]IP = x.x.x.x,...

Read More
Sonicwall 2040 Port Forwarding
Nov17

Sonicwall 2040 Port Forwarding

KB ID 0000346  Problem You would like to set up port forwarding on a Sonicwall 2040, in this example I will assume we are forwarding SMTP (TCP port 25). Sonicwall Pro 2040 – System Screen Note: Notice the “Network Interfaces” section, take note of the names of the interfaces and what they are doing, this will become relevant later. Solution 1. Log into the Sonicwall’s management console. 2. If you have not...

Read More
Site to Site IPSEC VPN from SonicWALL to Cisco ASA
Nov17

Site to Site IPSEC VPN from SonicWALL to Cisco ASA

KB ID 0000357 Problem You want to put in a secure IPSEC VPN tunnel from a Cisco ASA Device to a Sonicwall Firewall. Note in this example we will use 3DES for encryption, SHA1 for Hashing, Diffie Hellman Group 2, PFS enabled, and we will use a shared secret (Pre Shared Key). SonicWALL used in this example is a PRO 3060. Solution The main two gotcha’s Update 12/03/11 Feedback from Wajma Omari: I would like to add that this...

Read More