BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
Hi all, in case someone faces the same problem, I ended up in re-deploying the SMA because I wasn't able to figure out what caused the lack of free disk space. Hopefully this resolves it for good. BTW, I was generous and gave the SMA a whopping 48 GB of disk space, but it seems it's hard wired to just use 20 GB out of it.…
-
Hi @RGMConsulting I never experienced this, but did it worked before? Does a local router interfere, does it offer some kind of VPN-passthrough? You're running the lastet GVC and SonicOS available for your environment? How does the routing table look like when the tunnel is established, could this be a routing issue? Sorry…
-
Thas is strange, I see no other connection between Authentication and SMTP at this point. Did you checked the event log if the SNWL logs anything what gives us a hint? Is the user a local user (created on the SNWL)? --Michael@BWC
-
Hi @SMB I somewhat lost hope on that, just have a look in the history of changes. I don't expect anything until the HQ of SNWL moved again but I'am always open to be proven wrong. There seems to be no effort to have the SNWL solutions integrated in other monitoring solutions than the stuff provided by themselfs. --…
-
Hi @MPNS I'am not aware of any KB-article which would teach you this in full detail, but this is how I'am doing it when implementing 3rd party WiFi. Depending of the complexity needed (multiple SSIDs, VLANs, segmentation etc.) I assign a dedicated interface for Wireless even when not using the SonicWall APs. Bind the…
-
Hi @Didier did you configured One-time password for Users or Groups? This would be my only explanation. --Michael@BWC
-
Yes, Packets via standard Interfaces are leaving the appliance untagged. In my example traffic for the subnet on X0 is untagged and for X0:V5 is tagged with VLAN ID5. There are some VLANs internally used on the SonicOS side, but I never experienced any interference, AFAIK. --Michael@BWC
-
Hi @djhurt1 If you're having a Virtual Interface (X0:V5) it's tagged on Interface X0 for example, otherwise it's untagged. IMHO the Port Shield Groups are for physical interfaces only, don't use them much. You can do crazy stuff with NativeBridge but I prefer to do this properly on a switch if possible. --Michael@BWC
-
Well' I guess that's a no. I'am officially the one and only having this problem, congrats to me.🍾 --Michael@BWC
-
Hi @stf I forwarded a similar event log entry like yours to my local SNWL contact and he couldn't help because there were no more related log entries to put in context. He suggested to create a Support Ticket for further analysis ... of what? It was a simple question, what does this log entry means and was it caused by an…
-
@Xronos my Customer who reported the Alert has no WAF running, which brings us back to the initial question. Is this Alert the Message that it got handled and defused or was it the Message to wave your data goodbye? --Michael@BWC
-
Hi @stf a customer reported a minute ago that the same IP 144.217.207.77 (OVH) tried the SQL injection. Seems to be a busy host though. I hope that the log event shows that it got blocked, message is not clear on this. May I promote my thread about Syslog events over there? Got no attention, like most of my gibberish.…
-
Hi @stf the VirtualAssist thingy might be related to this which was a SonicOS matter and is maybe just a bycatch. But on the other hand the SQL Injection you experienced is probably the root cause for the current dilemma, which still raises the question which kind of credentials got exposed. Considerung the table name…
-
Hi @kthor in the meantime I share mine with you, because I don't know what SNWL is willing to share with us at this point. Not very communicative at the moment. All these files were used for successfull updates. MD5 (sw_sma400_eng_10.2.0.5_10.2.0_5_29sv_1261432.sig) = c07ebf0e934564ef38087a2eb2ff2872 MD5…
-
Hi @ThK Active Sync is working so far, no negative reports at this moment. Try classic mode for the log, /spog sucks. --Michael@BWC