Arkwright Community Legend ✭✭✭✭✭
Reactions
Comments
-
I guess I'm the only idiot who bothers with these reports then :D
-
Plain text config backup is useful but no way to do this from the GUI, so I take nowhere near as many of these as I would like to do :/
-
Either you missed something or that inbound rule does nothing. If it does not rewrite the destination then the traffic will just hit the firewall itself, but fortunately I think nothing will happen if management is not enabled on the corresponding access rule. "Source: Any" is never a good from a security POV. You most…
-
Setting up F&LB creates an entry at the bottom of the list of routing policies. It might say X1 because that's the line that F&LB has decided to use right now. Wouldn't it be great if it would use the Comment or Name fields on the routing policy to indicate that it is there because of F&LB?
-
It sounds like you are tunnelling all traffic over SSLVPN. I wouldn't run voice over SSLVPN. You either need to not tunnel all so Teams traffic doesn't go that way, or you need to not use SSLVPN if "tunnel all" is a hard requirement.
-
No consolation to you, but yours is the first post I've seen about 7.1.3 corrupting rules. I believe that 7.1.2 had this issue on upgrades and the fix was to restore the previously-saved config after upgrading to 7.1.2 If you use NSM then you can get a diff of the JSON config [which is almost unreadable anyway, even when…
-
Saw a similar issue recently with accessing Vodafone management portal. My guess this is some security feature in a WAF product somewhere. Bug or not? I am not sure. Amusingly enough, this Sonicwall KB article implies that if other devices use sequence number randomisation, the Sonicwall might perceive it as a problem :)…
-
In that case, I don't think you can handle this with policies NAT on the firewall itself. There are a few ways to achieve this: You can have up to two Gateway IP [or FQDN] entries per "normal" site-site tunnel. Only one will be active at a time You can multiple active "tunnel-mode" tunnels, but only one IP or FQDN entry…
-
SSLVPN → LAN access rules?
-
This is because I also found similar port scan alerts (very few) for foreign servers coming from port 443. This looks like the response from a web server, right? Yes, I see a lot of this - port scans appearing to originate from what is obviously a "destination" port. I don't think SonicOS actually does anything proactive…
-
Obviously we didnt want to delete or alter any existing rules Is it obvious?
-
"Create more than 7000 rules" is not an actual objective, that's just a side-effect of what you're trying to achieve. So what are you really trying to do? My intuition would be that if you need more than 7000 rules on a TZ400, whatever it is you're doing, you're doing it wrong.
-
Default LAN→WAN rules allow any service, so this will just work. You say "We" are getting it installed, rather than "I am installing it", so questions about configuration details are probably best answered by those doing the work.
-
What are you trying to do? Are you trying to translate the addresses of the traffic traversing the tunnel? Or are you trying to allow the tunnel to connect to/from multiple public IPs?
-
Searching the access rules for interfaces names isn't going to give you a full picture. Interfaces belong to Zones, so look at the zone→zone pair of rule-sets you're interested in, eg WAN→LAN, LAN→WAN, etc.