BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
Hi @ThK my instance still shows Reject invalid addresses, which I set yesterday, so no trouble for me there. --Michael@BWC
-
Hi @crossetti just covering the basics here, but Remote Access on the Windows 10 machine is enabled? You're able to connect via RDP from another machine in the LAN to it? Did you checked the Windows Firewall for having the traffic allowed? Where is your bookmark on, a SonicWall Firewall (TZ / NSa / NSv) or a SonicWall SMA?…
-
Hi @ThK our options are limited, but is the current setting reflecting the protection level? Meaning, are unknown addresses blocked by DHA protection or do they getting through? If DHA is off then your configuration gots altered which is a real problem. If it's just displayed incorrectly on the configuration page it's just…
-
Hi @Yuber_Sierra the internal settings on Gen7 are at /sonicui/7/m/mgmt/settings/diag --Michael@BWC
-
@ThK LOL, the timeout hit me as well, you shouldn't have called it 😂 Because I did not had a single DHA threat in the 14 days message log I did some digging. First thing I experienced there seems to be a delay between commiting a configuration change and the actual impact. 1) Reject invalid addresses The message got…
-
Hi @Gabor welcome to the wonderful world of ESA, not everything is explainable. Maybe the database is messed up, please have a look at this KB article which might be helpful: It might be chilling for a new user facing this kind of problems, but believe me it can be far worse. I broke my first ESA less than 5 minutes into…
-
Hi @ThK thanks for bringing this to attention. Gladly I have only one HES service running and I can confirm that this setting was set to "process all messages the same" which is nothing I would usually go for. I'll monitor this situation and check back regularely. --Michael@BWC
-
Hi @Gabor the logs are not 100% real-time (short delay), but should catch up after a while. Maybe a reboot can be helpful, sometimes strange things happen on ESA. Side note, I recommend Delayed Connection Management after all recipients are know. --Michael@BWC
-
Hi @Gabor how is your Auditing configured? Settings button on Message or Connection Logs? Did you activated the auditing? --Michael@BWC
-
Hi @DaveP nothing new since: I guess WiFi-6e is a thing, not sure if this fits for all markets. So it better be the latest if you wanna stick with SonicWaves. --Michael@BWC
-
Hi @Phil1aap today I was monitoring a SMA 500v running 10.2.0.6 and a user was logged into two ApplicationOffload Portals, which was eating up two licenses in the past. But according to the license consumption (7 Sessions active / 6 User Licensed) it counted in that case only for one. Maybe you should check this in your…
-
@djhurt1 We're talking about Gen6/6.5? ... it's on the internal settings /diag.html instead of /main.html of your Firewall. Scroll down to the Security Services, there a bunch of buttons which might do the job. --Michael@BWC
-
Hi @David W yes indeed, this would be helpful to have consistent behaviour between on-appliance and external lookup. Thanks for taking care. --Michael@BWC
-
Hi @Xronos I did some simple internal checking (MobileConnect macOS, Tunnel All, speedtest.net) and got full speed on a SMA 500v with two Atom C3000 cores. I'll give it another try from a Windows 10 client at home over the weekend and report back. A quick test from inside a Win 10 virtual machine with latest NetExtender…
-
Hi all, because @Micah or @Chris did not replied to my request I did some further digging in 10.2.0.6. I somewhat oversaw the ipset defalutAllowIpset (love the TYPO :) ) and a bunch of SNWL related IP addresses are allowed for ANY incoming connection (INPUT chain). I find this a bit intrusive, because there is no need for…