Arkwright Community Legend ✭✭✭✭✭
Reactions
Comments
-
Bon appetit!
-
I'm not sure if there is a way I can download the app on another laptop and then just install it in my work laptop. BWC gave you the link to Netextender, which works with the same VPN services that Mobile Connect used to [and is a better piece software in all respects that I can think of]. Mobile Connect on desktop is no…
-
Not comprehending what the sadness is here. You have a self-inflicted issue and know how to work around or resolve it.
-
Basically, do either what I or @TKWITS has suggested, but don't try to do both - you will end up with triangular routes, for no discernable benefit.
-
Can the switch reach the internet with a source IP of each of its LANs? You might simplify things a bit by not having IPs in all LANs on the Sonicwall, and just have a stub network for routing between the Sonicwall and the switch. Otherwise you've added complexity where there's two ways a packet can reach the firewall from…
-
In a packet capture, you are looking for what is being dropped by the firewall. Look at source/dest ip/port combination, amend firewall rules to match. Dropped packets are highlighted in red. I need the same response available to clients on the Internet (WAN) when accessing our DMZ ftp server .... So, I set up another…
-
When I try and combine both groups of ports, I have all sorts of problems. Has anybody else experienced this problem You need to give more detail, we can't help you with what you've given so far. The packet capture TKWITS suggested should reveal what ports really are in use, and therefore, what ports you need to allow for…
-
If the firewall doesn't understand the ethertype, it won't handle it. I have no idea what ethertype 0x32 is but 01:00:0c:cc:cc:cd is Cisco PVST. This traffic doesn't need to traverse the firewall, so you don't need to worry about the firewall dropping it. On an unrelated note, who was president the last time you updated…
-
Yes, they could call it a "tech support report" and have it include all of the useful information in one shot. They could even have it generate a unique filename with a time stamp in it that ISN'T TOO LONG FOR THEIR AWFUL HELPDESK SOFTWARE!
-
I suggest you run a capture on the Sonicwall for just port 5060 then open it in Wireshark. You need to pay particular attention to the SIP/SDP packets and look at the "connection information" field. The "connection information" field in the SDP is the peers telling each other where to send their media streams to. Compare…
-
Is the SIP encrypted? If not, this can be analysed straightforwardly with Wireshark.
-
OK, I see the attachment this time but it's no use for anybody trying to help you, it's just the statistics of the capture, not the content of the capture itself. You need to filter the capture to only capture ARP. Then export it and analyse with Wireshark [probably easier than doing it in Sonicwall web interface].
-
Try again, don't see anything attached.
-
Yes, just NAT them. If the public IPs are in the same subnet as the firewall's interface, then the firewall will respond to ARP queries as appropriate and handle the traffic [but you won't see entries in the Sonicwall's ARP cache, maybe they fixed this in Gen7]. If the IPs are routed to the firewall's interface IP then the…
-
My suggestion was slightly facetious, but your stated objective of improving security is a waste of time. Assuming you're using IPv4 and NAT [because that describes 99% of corporate setups] then no matter what the device IP is, it will appear to the outside world as the same. If you are using IPv6 then maybe, there is some…