This article provides information about the log entry “The peer is not responding to phase 1 ISAKMP requests” when using the Global VPN Client (GVC). This error message can be a general failure message, meaning that a phase 1 ISAKMP request was sent to the peer firewall, but there was no response. There are many possible reasons why this could happen. Troubleshooting steps and the possible solution offered here may help solve the problem.
Possible Solutions – Peer is Not Responding to Phase 1 ISAKMP Requests
- This error usually is caused by UDP packets being fragmented during the initial handshaking. SonicWall now has a workaround for it. Go to the Properties menu on the client, and turn on “Restrict the size of the first ISAKMP packet sent”. (This option is available in client versions 4.9.14 and above).
- On your Sonicwall’s WAN interface that you client is connecting, try disabling the “Fragment non-VPN outbound packets larger than this Interface’s MTU”
- Try Lowing your MTU settings on your WAN interface. Lowering from 1500 down to 1400 has been known to resolve the issue. Some modems wil user a lower MTU (Especially LTE modems) so changing the will allow the MTUs to match. Proceed with caution with this solution as your MTU size is not recommended to be changed.