Comments

• @AdamTheManTyler Are you sure the remaining VPN tunnels pre-shared key and configurations are same of the other end units? If you are suspecting the MTU, make the MTU value to 1492 and try. as well as Sonicwall have his on tool to check the matching MTU. Navigate to System-->Diagnostics-->Diagnostic Tool--> Select the PMTU…

  in PPPoE WAN MTU and site to stie VPNs Comment by Ajishlal June 2022
• we have been received the Hotfix firmware 6.5.4.6-79n-HF208918. I recommend you have to contact Sonicwall Support for the hot fix firmware according to your Firewall model.

  in SSL VPN - 2FA - two units - Google Authenticator code Comment by Ajishlal June 2022
• hi @Alberto Since your firewall configured as HA, it should work. There was a bug about the same issue and Sonicwall has been fixed. In HA if you enable the sync including the certificate/keys, your public certificate will work without any issue.

  in SSL VPN - 2FA - two units - Google Authenticator code Comment by Ajishlal June 2022
• yes. you have to define the policy if you need custom tailored.

  in Restrict SSLVPN access to my LAN network Comment by Ajishlal June 2022
• @noob Follow the below KB;

  in Reject TCP timestamp response Comment by Ajishlal June 2022
• Try to adjust the WAN interface MTU value.

  in LTE modem as failover internet Comment by Ajishlal June 2022
• since the 3DES and DH Group2 is vulnerable & absolute, Use AES encryption and DH group 5 or higher for phase 1 & 2. Both end are you using WAN static IP or dynamic? If you are getting dynamic IP, make sure the IPSEC primary gateway IP is updated or use dyndns service. If you are using dyndns / same kind of service, make…

  in Got issue VPN site2site after replace NSA 3600 by NSA 3700 Comment by Ajishlal June 2022
• U0 is External 3G/4G/Modem Interface. Why this automatically added to your LACP , this X2 is part of WAN interface or what? U0 is member of " All Interface IP" address object group.

  in U0 is automatically added to the link integration members Comment by Ajishlal June 2022
• Hi @noob Follow the below KB.

  in How to set a default route in SonicOS 7 Comment by Ajishlal June 2022
• Can you share with us the both end configuration screen shot.

  in Got issue VPN site2site after replace NSA 3600 by NSA 3700 Comment by Ajishlal June 2022
• @tungton try to uncheck the "Enable NAT traversal" from NSA3700 and try. (VPN-->Advanced) your back end ISP modem is configured as NAT or bridge mode?

  in Got issue VPN site2site after replace NSA 3600 by NSA 3700 Comment by Ajishlal June 2022
• @shoe Either you can create App Control policy and include the business VLAN and Disable the gaming apps or you can create CFS rule for the particular VLAN and disable the games (CFS-22).

  in Limiting gaming to one VLan Comment by Ajishlal June 2022
• @tungton Delete the existing site 2 site vpn policy from 3700 and re-create it with the same configuration.

  in Got issue VPN site2site after replace NSA 3600 by NSA 3700 Comment by Ajishlal June 2022
• @JESUS Glad to hear that you solved your issue.

  in PROBLEM WITH BANDWIDTH WITH NSA 3600 ( BOTTLENECK) Comment by Ajishlal June 2022
• @JESUS If the internet speed is slower compared to the speed ahead of the firewall, there are a few things to check. In the Sonicwall security service settings, consider lowering from maximum security to performance optimized & adjust your WAN MTU value.

  in PROBLEM WITH BANDWIDTH WITH NSA 3600 ( BOTTLENECK) Comment by Ajishlal June 2022
More Comments