Tags: network-programming, encryption, vpn, subnet

SonicWall VPN tunnel is up, but no traffic allowed. Where to begin troubleshooting?


I have a tunnel between a SonicWall NSA2400 (corp office) and a TZ215W (branch). The VPN link shows as up; however, the traffic counter stays at 0 and I can't ping the remote network.

It's a site-to-site setup:
-corp office:
--IKE preshare
--IPSec gateways set to 0.0.0.0 (dynamic IP at branch)
--local IKE ID: ~WAN IP~
--Peer ID: ~peer's firewall ID~
--Local net: LAN subnets
--Remote net: 192.168.0.0 - 255.255.0.0
--Phase1: IKEv2 > Group2 > AES-256 > SHA1
--Phase2: ESP > AES-256 > SHA1
--NetBIOS bcast enabled

-branch
--IKE preshare
--IPSec gateways set to ~corp WAN IP~
--local IKE ID: ~firewall ID~
--Peer ID: ~corp WAN IP~
--Local net: LAN subnets
--Remote net: 192.168.0.0 - 255.255.0.0
--Phase1: IKEv2 > Group2 > AES-256 > SHA1
--Phase2: ESP > AES-256 > SHA1
--NetBIOS bcast enabled
--Keep alive enabled

The connection status is as follows:

Name    Local                           Remote                          Gateway
corp    192.168.0.0 - 192.168.255.255   192.168.0.0 - 192.168.255.255   ~corp VPN Static IP~

Any obvious pieces I'm missing?


Solution

  • Apparently the "obvious piece" I was missing was the fact that I had 192.168.0.0 for both local and remote LANs. I ended up using 192.168.0.0 for the corp site and 10.100.0.0 for the branch, now all is well.
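The status table in the question already shows the problem: the Local and Remote columns are identical, so every packet for the "remote" LAN is also a packet for the local LAN and never gets sent into the tunnel. The following is an added example, not SonicWall code and not from the original post, that checks a pair of site-to-site tunnel definitions for exactly that mistake and for the related one of phase 2 networks that are not mirrored between the two ends. The BROKEN and FIXED dictionaries are constructed from the question and the answer; the answer gives 10.100.0.0 without a mask, so the /16 on it is an assumption. It also goes beyond the post's case by catching partial overlaps (a /24 inside a /16), which are the more common real-world version of the same error.

```python
"""Check site-to-site IPsec tunnel definitions for overlapping or
mismatched phase 2 networks.  Added example; not SonicWall code."""
from ipaddress import ip_network

# Constructed from the question: both ends declared 192.168.0.0/16
# as both the local and the remote network.
BROKEN = {
    "corp":   {"local": ["192.168.0.0/16"], "remote": ["192.168.0.0/16"]},
    "branch": {"local": ["192.168.0.0/16"], "remote": ["192.168.0.0/16"]},
}

# Constructed from the answer: corp keeps 192.168.0.0/16, the branch LAN
# moves to 10.100.0.0 (the /16 mask is an assumption; the answer gives none).
FIXED = {
    "corp":   {"local": ["192.168.0.0/16"], "remote": ["10.100.0.0/16"]},
    "branch": {"local": ["10.100.0.0/16"],  "remote": ["192.168.0.0/16"]},
}


def _nets(cidrs):
    """Parse a list of CIDR strings into network objects."""
    return [ip_network(c, strict=False) for c in cidrs]


def overlaps(local, remote):
    """Return (local, remote) pairs of networks that overlap.

    A destination that falls inside a local network is handled as local
    LAN traffic (directly connected route, ARP, etc.) rather than being
    matched to the VPN policy, so traffic for an overlapping remote prefix
    never enters the tunnel even though phase 1 and phase 2 come up.
    """
    return [(l, r)
            for l in _nets(local)
            for r in _nets(remote)
            if l.overlaps(r)]


def mirrored(a, b):
    """True if A's local networks equal B's remote networks and vice versa.

    Phase 2 selectors must be mirror images of each other; otherwise the
    IPsec SA that is negotiated does not cover the traffic each side sends.
    """
    return (set(_nets(a["local"])) == set(_nets(b["remote"]))
            and set(_nets(a["remote"])) == set(_nets(b["local"])))


def check_tunnel(sites):
    """Return a list of human-readable problems for a two-site tunnel.

    `sites` maps a site name to {"local": [...], "remote": [...]}.
    """
    problems = []
    for name, site in sites.items():
        for l, r in overlaps(site["local"], site["remote"]):
            problems.append(f"{name}: local {l} overlaps remote {r}")
    names = list(sites)
    if not mirrored(sites[names[0]], sites[names[1]]):
        problems.append(f"{names[0]}/{names[1]}: phase 2 networks are not mirrored")
    return problems


if __name__ == "__main__":
    for label, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, check_tunnel(cfg) or "OK")
```

Run it as a script and it reports the overlap on both ends for the configuration in the question and nothing for the corrected one. The check is deliberately done on the tunnel definitions rather than on live packet counters: a tunnel whose local and remote selectors overlap will show "up" on both firewalls, so the counter staying at 0 is the only runtime symptom, and the cause is only visible in the configuration.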