Arkwright Community Legend ✭✭✭✭✭
Reactions
Comments
-
I've only ever used Firefox to access this site and I've never noticed a particular issue with it [as opposed to some other websites that bog my computer down, eg Sonicwall Gen 7 web interface!].
-
Next time you can get in to the web interface, enable SSH management on the LAN so that you have an alternate way in.
-
They really should have posted an article about this. I raised a ticket and got 5 paragraphs about this issue which obviously weren't written just for me, so why not stick it on the publicly-facing KB, saving my time and theirs in the process?
-
You could start a packet capture with "dropped packets only" ticked. Use the various filtering options to narrow down to what you're interested in.
-
If they aren't subscribed to app control, not only will you not be able to get in to edit the app control rules, the app control won't be doing anything [because it's not subscribed]. So if you can't get in, then it's not the cause of your problem.
-
I don't think there is an L2 VPN option in SonicOS. When we need to achieve this [which is pretty rare] we use an EoIP tunnel between two RouterOS boxes.
-
Configure a device with the same IP address as the firewall WAN. Disconnect Sonicwall WAN Connect device in place of the Sonicwall. Test internet speed. Reverse the above process. Connect device back to LAN-side of Sonicwall and repeat internet speed tests. I suggest you test a few times with different speed testers,…
-
Every client subject to DPI-SSL, regardless of client OS or hardware, needs to trust the Sonicwall's DPI-SSL MITM certificate in order not to annoy the user with certificate errors or warnings. Best place to check how to install a certificate on the unspecified mobile platform would be to consult the vendor's documentation.
-
Wish they would replace SSLVPN with Wireguard on the UTM appliances!
-
Admin access on HTTPS There should be an option in the /diag menu that allows you to completely edit/delete automatically created rules. Suggest you enable it, edit the rules, then disable it again afterwards.
-
OK, your problem clearly isn't due to a lack of routes then. The /<NULL> routes are a red herring too as they've worked fine [I assume they're "failsafe" routes so the client can still reach it's default gateway and the firewall it's connected to, after installing all the other routes sent as part of the VPN connection].
-
What routes do you actually end up with on the client after connecting? Perhaps /<NULL> is just a slightly odd way of logging that it's a /32? 10.2.817 is working fine for me, BTW.
-
This behaviour isn't all that surprising given the general slowness of the Gen7 devices, and I can confirm that the ping times going from Gen6 to Gen7 are a) higher b) much more jittery [see if you can spot where the firewall was replaced]: However.....does it actually matter? Ping times through the firewall are exactly…
-
I had to use a web developer tool to bypass form validation to allow me to paste in a string. Works fine, but not "supported" and it confuses anyone who comes along later and needs to edit it :-D I did raise a ticket with Support about what on earth this format is they're expecting it to be entered in. The response I got…
-
This would be much more useful if it was a fixed clock time rather than just a counter of minutes.