Comments

• Check WAN>WAN access rules. Enabling management services on WAN interfaces creates rules there automatically.

  in Sign in attempts on port 1443 & Port 22 Showing as Open Comment by Arkwright January 17
• By my current understanding, X1 and X2 should both have access to X0. That is not the out-of-the-box behaviour of WAN→LAN traffic. If that's how it behaves then you've configured it like that. in routing rules, X2 is defined as the gateway for the .200.0 subnet. This way traffic from it can't access the rest of the network…

  in Allowing 2 different WAN interfaces to the same LAN interface Comment by Arkwright January 16
• I assume the firewall is expecting them on 500 and dropping them on 4500, or vice-versa. Are the payload packets inside the tunnel actually being dropped?

  in DROP PACKET IPSEC Comment by Arkwright January 16
• Do you think the traffic should be allowed, or not?

  in DROP PACKET IPSEC Comment by Arkwright January 15
• You don't need to create any route policies in this scenario because all networks are directly connected to the firewall and routes to connected networks are created when the interface is configured. If X2 is a WAN interface then what you probably want is a port forward, as WAN interfaces are usually NATed. Maybe a little…

  in Allowing 2 different WAN interfaces to the same LAN interface Comment by Arkwright January 15
• You could try an explicit route ping probe, explore the options in there.

  in Use Network Monitor to ping across IPSEC vpn Comment by Arkwright January 15
• I don't think access rules on firewall itself will make any difference to firewall sending syslogs out of its own LAN interface. So don't worry about that. You could try a packet capture with Wireshark on your target server. Have you followed this?…

  in Syslog traffic being blocked Comment by Arkwright January 14
• Can you ping it?

  in 192.168.168.168 Comment by Arkwright January 14
• The annoying thing here is the false sense of certainty that the UI gives the user. The countdown timer is at best guesswork and at worst, total fiction!

  in Gen 7 reboot - what's up with the "device is still rebooting" messages? Comment by Arkwright January 13
• "grooming phase"…interesting use of language…I wouldn't admit to grooming anybody on the internet :D

  in SonicOS - which branch is still supported? Comment by Arkwright January 10
• Every new firmware version should get it's own thread in this forum, started by someone from Sonicwall.

  in SonicOS - which branch is still supported? Comment by Arkwright January 10
• IME the only supported version is the most recent one, because if you are running anything other than the latest, they will just tell you to upgrade. So no point raising a ticket if you're not on the latest.

  in SonicOS - which branch is still supported? Comment by Arkwright January 8
• I know they are technically compatible because they've been in use for 10y. This was two SFPs at once that didn't come up. How do I see what the model is from the management interface?

  in What does "Interface Xxx : SFP set on invalid module" mean? Comment by Arkwright January 6
• Do you have access to the Mysonicwall account this device is in? If so, you might find some cloud backups there [don't think remote backups are enabled by default though]. Otherwise, just give up now and start re-doing your configuration.

  in Reset Admin Password Comment by Arkwright January 2
• A simple "count" of CVEs is not a fair comparison across vendors. "CVEs per <something>" would be fair, but the problem here is defining "<something>". Even if you compare just the UTM platforms from different vendors [rather than simply the entirety of their portfolio], if they do different things then the one that does…

  in Interesting articles on the exposure posed by the SSLVPN vulnerability in SonicWall firewalls Comment by Arkwright January 2
More Comments