Arkwright

Community Legend ✭✭✭✭✭

Comments

  • Hmm, could have sworn you could select an address group to include in flood protection settings? Guess not.
  • I think it's not possible. There is no field for this in the interface settings or the advanced diags.
  • Check Firewall Settings -> Flood Protection and adjust the thresholds to suit.
  • You need to tell whatever is connected to X3 to tag the traffic on the appropriate VLAN. If the Sonicwall is expecting traffic arriving on an interface to be tagged, and it comes in not tagged, then there is not much you can do on the Sonicwall end.
  • I think this is a task to be handled at switch-level.
  • I made the assumption that the parent port would handle getting info to the correct VLAN. Yes - but it seems like your issue here is that the packets aren't coming in on the correct VLAN, hence them being dropped. In the 'Packet Detail - Decode' it does not show the VLAN headers, so if I assume that your packet detail…
  • Sure, but the documentation about HA setup says best practice is to have X0 connected in HA setups as a backup HA interface. In most scenarios, one more patch cable is not going to be a deal-breaker.
  • Create two rules, one each for your two sets of services+users, 'User included'. Do you get hits on either of them?
  • I am guessing it's a TZ370 not TZ350 as those screenshots are from the Gen 7 UI. You need to click the twisty to see the actual detail in the packet capture.
  • It's not going to let you have IPs in the same network on different interfaces. Just patch them together and pick an unused network to give them IPs from.
  • You left out the bit of the capture that would show why it's dropped - my guess is that the packets aren't coming in on VLAN 34 [but then surely ingress would be "X3" not "--"]. I am not sure about the references to "internal VLANs". I've never needed to mess with that when adding VLANs to a Sonicwall, but I don't know off…
  • I started noticing that since last night the sonicwall made around 1mio requests. Is that big number? DNS could be used for a lot of things on a Sonicwall. We don't know much about your network so it's hard to say if it's a big number or not.
  • Does this work at the lowest level? I.e., when you move your server into the VLAN, do you see ARP entries on the firewall for it on the expected interface? If you don't see any ARP entries then start a packet capture on that VLAN and see if there is anything there at all.
  • In terms of actual useful advice, as opposed to pen test box-ticking:
      • Use GeoIP settings in WAN-WAN access rule to restrict which countries can log in
      • If you know the public IPs of who logs in [fairly unlikely, I guess] put those in access rule
      • Put a schedule on the access rule if you know remote access is only required at…
  • When I look at Censys at a public SSLVPN login I can see that it is identified as SonicOS SSLVPN but that's about it. Shodan shows me even less, simply that it's "Server: web server" and the certificate details.