- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
The VPN Log shows: "IKE Initiator Remote party timeout" error
12/20/2019 
1,454 People found this article helpful
120,129 Views
Description
The VPN Log shows: "IKE Initiator Remote party timeout..." error
Resolution
To view the Video Tutorial on this topicClick Here
Problem Definition:
The IKE Initiator: Remote Party timeout log shows several timeout messages and IKE negotiation aborted due to timeout after a short delay, indicates that there is a communication problem or the Initiator and Responder are unable to complete the Phase 1 negotiations.
Logs on Initiator:
If you receive an IKE Initiator: No response--remote party timeout error,Checking the logs on the Responder SonicWall will clearly display the exact problem, ensure that the Proposals are identical on both the VPN policies.
If no log messages are available for the Initiator VPN device, then follow these steps:
- Ensure that the Enable VPN option is checked under Manage | VPN | Base Settings| VPN Global Settings and the appropriate VPN policy is enabled.
- Network connectivity between units.
TIP: You may try to connect via GVC software if GroupVPN is configured on the SonicWall. - IPSec Gateway address in Initiator SA specifies WAN address of IKE Responder.
- If you are using FQDN in the IPSec Gateway Name or Address field, ensure that FQDN resolves to WAN address of IKE Responder.
- IKE access rules enabled on both SonicWalls.
- No other firewalls in the path are blocking IKE (UDP 500, 4500) or IPSec Protocol 50 and 51.
- Contact ISP to see if they're blocking IKE (UDP 500, 4500) or IPSec Protocol 50 and 51.
- If using SonicOS Standard with Aggressive Mode VPN, make sure the remote end’s firewall name is specified on the host firewall’s VPN policy.
- If the VPN Tunnel is being established with a 3rd Party VPN device, then make sure that NAT – T is disabled (in case there is no NAT device in front of the SonicWall) .
- Check the Local and Peer IKE IDs in the VPN policy if you have setup the Site to Site VPN Policy between the SonicOS Enhanced and Standard firewall.
- Click Advanced tab of the VPN Policy, set VPN to bind to Zone WAN.
Related Articles
Categories
- Firewalls > NSa Series > Logging/Alerts
- Firewalls > TZ Series > Logging/Alerts
- Firewalls > NSv Series > Logging/Alerts
YES
NO