Arkwright Community Legend ✭✭✭✭✭
Reactions
Comments
-
They are presumably fetching the required URL to do that. You can test this yourself with Web Developer tools in a browser and see what URL is access when you export the logs, for example. I assume they are denied because they're not logged in. But….you really shouldn't be listening on port 80!
-
The logs are timestamped, so watch them whilst connecting a cable. There will be events for link up and address acquired.
-
Ask the new provider if they will buy your old Sonicwalls off you.
-
I think you need to involve the provider and ask them why they are rejecting your login when you are certain that you are using the correct credentials. VLANs are not a requirement of a PPPoE connection, generally speaking. I think if you'd had to configure your laptop NIC with a VLAN before the PPPoE login worked from…
-
I think you're asking about a site-site VPN, but that doesn't require NAT.
-
That sounds like a "specific issue at play in your environment" - it is not normal for a client to entirely lose networking because of a lease renewal. I replicated your test here, 0 pings dropped, even with 10 pings/second. … 64 bytes from 192.168.1.68: icmp_seq=121 ttl=128 time=3.52 ms 64 bytes from 192.168.1.68:…
-
I have never heard of this, and if this happened in general, I think NetExtender would barely be usable [some routers have a stupidly short DHCP lease time, for example]. So there is probably some specific issue at play in your environment.
-
You aren't deleting them from SSLVPN. Users > Local Users & Groups Delete the user. The next time they connect, they will be prompted to enroll MFA.
-
Do you have any spare Sonicwalls at all? If so, pre-build the config and use the migration tool to migrate it to TZ670. The alternative is to use the CLI, but even then, if you're not already well familiar with the CLI config format then you would still need a spare firewall to test the config elements you've created.
-
So what was the fix?
-
Wouldn't it be great if the KB article mentioned that this is addressed in 7.1.1-7058?
-
This doesn't sound like a Sonicwall issue. Test it with a different PPPoE client. I am struggling to think how you could misconfigure a DSL bridge so that it would cause previously valid credentials to be rejected, but I know nothing about that model of Zyxel, so ??? How did you determine that the previous one was dead? My…
-
Unbelievably, you can't. All this drop code, module, ref.Id, etc looks like it would be a way to actually answer your question but it is not. The short answer to this specific packet drop is that the firewall won't be listening on port 135.
-
I don't understand how SonicWall decides what traffic is sent tagged vs untagged Yeah, me either. Which traffic are you expecting to be tagged and untagged when it's configured like this? The Connection Monitor view will show source/dest interfaces so you can investigate this question there, or with a packet capture. If…
-
or that I'd need a license for it You only need licenses for certain security services. It's pretty usable without service subscriptions.