I am unable to establish an IPSEC VPN tunnel between the Mikrotik router v6.36 and the Dell Sonicwall Firewall.
LAN(192.168.88.0/24)<==============>Mikrotik_(4GLTE Modem with Dynamic IP)====>Internet=====>(Static Public IP)_Sonicwall<===================>LAN(10.1.1.0/24)
At the end of the log on the Mikrotik I get this:
ipsec, debug, packet: hash validated.
ipsec, debug, packet: begin.
ipsec, debug, packet: seen nptype=8(hash)
ipsec, debug, packet: seen nptype=11(notify)
ipsec, debug, packet: Succeed
ipsec, debug, packet: 186.151.238.299 DPD R-U-ThereAck Recieved
ipsec, debug, packet: recieved an R-U-THERE-ACK
NOTE: Only Phase 1 succeeds supposedly, but Phase 2 never seems to initiate.
On the Sonicwall Log:
Message | Source | Destination
IKE Responder: Aggressive Mode complete (Phase 1) | 181.174.72.186, 33077 | 186.151.238.199, 500
IKE Responder: Received Aggressive Mode Request (Phase 1)
Received IKE SA delete request
NOTE: Only Phase 1 succeeds supposedly, but Phase 2 never seems to initiate.
My Configuration on the Mikrotik goes as follows:
IPsec Peer:
Address: 186.151.238.199
Port: 500
Auth Method: Preshared Key
Secret: 8675389
Policy Template Group: Default
Exchange Mode: Aggressive
Send initial contact: Checked
Nat Traversal: Checked
My ID: FQDN : atroz.com
Proposal Check: Obey
Hash Algorithm: MD5
Encryption Algorithm: 3DES
DH Group: modp1024
Generate Policy: no
Lifetime = 1 day
DPD interval: 120
DPD max failures: 6
IPSEC Policy:
Src Address: 192.168.88.0/24
Dst Address: 10.1.1.0/24
Protocol: 255(all)
Group: Default
Action: encrypt
Level: unique
IPsec Proposal: esp
Tunnel: Checked
SA Src Address: 0.0.0.0
SA Dst Address: 186.151.238.199
Proposal: Default
Priority: 0
IPSEC Proposals:
Auth. Algorithm: md5
Encryption Algorithm: 3DES
Lifetime = 1 hour
PFS Group = none
On the Sonicwall Side I have this configured:
Policy Type = Site to Site
Auth. method = IKE using preshared key
IPsec Primary Gateway = 0.0.0.0
IPsec Secondary Gateway = 0.0.0.0
Shared Secret: 8675389
Local IKE ID: Domain Name: zigmund.com
Peer IKE ID: Domain Name: atroz.com
Local Network: 10.1.1.0/24
Destination network: 192.168.88.0/24
IKE Phase 1:
Exchange: Aggressive Mode
DH Group: Group 2
Encryption: 3DES
Authentication: MD5
Life Time Seconds: 86400
IKE Phase 2:
Protocol: ESP
Encryption: 3DES
Authentication: MD5
Life Time Seconds: 3600