This article describes the site-to-site IPSec configurations in Grandstream router GWN700x series when it is behind NAT (SonicWall).
How It Works
IPSec needs to check the Peer’s ID during authentication. The Grandstream router GWN700x uses the IP address of the WAN port as the IKE ID (Local ID/Remote ID) by default. If the router is behind NAT (eg SonicWall in this case), the Local ID and Remote ID must be filled in.
How to establish IPSec with SonicWall
By default, the router uses WAN’s IP and remote server address IP as Peer and Remote ID, and the ID type is ‘IPv4 Address’ as default. Make sure that the user sets Local IKE ID and Peer IKE ID with the type ‘IPv4 Address’, and Peer IKE ID must be the GWN7001’s WAN’s IP in SonicWall’s IPSec VPN > Rules and Settings Page.