BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
Hi @ChrisR I cannot tell you in that specific case why the CPU load went up on your NSa over time, but rule of tumb is do run the packet-monitor only for the time needed, maybe logging to FTP is better for "long-term". Packet-Monitor usually causes some extra load, probably in the wrap situation it's more heavy because it…
-
Hi, one last try because it happened again. Anyone saw this before? Unreadable string in the license information. Ignore... Which caused this a minute later: Unreadable string in the license information. Ignore... But TCP connection check to licensemanager.sonicwall.com and lm2.sonicwall.com was successfull at this point.…
-
Hi @Mike11224466 about the TCP/IP sequence you should check this if it is disabled for any reason. It might be related to Syn Flood Protection as well, but you probably checked already if this is reddit: About the Port 81 complains, is this SNWL related and if yes what part of your SNWL deployment is bound on port 81?…
-
Hi @TKWITS yeah, avoiding ALGs whenever possible, first thing I do on any Mikrotik deployment is disabling them. And having no ALGs is why we stick with SNWL in the first place. The reason why I brought this up in context with SNWL was just because of the fact that SonicOS 7 is Linux based and maybe using some form of ALG…
-
Hi @ydahn just a follow-up because you seem interessted. Firmware 10.2.0.3 brings a bump to Apache/2.4.38, that's at least what the version string is telling me. OpenSSL also got a bump to 1.1.1g from 1.0.2 which is good, mod_ssl is now dynamic was static before. This would bring these major components close to current.…
-
Hi, I guess I'am alone on this, but further analysis of the logfiles brought me to the conclusion that the internal iptables/netfilter got messed up somehow, which is indicated by the log message shown before. It maybe caused by Botnet oder GeoIP filtering which we use to block nearly all countries worldwide and just allow…
-
Thanks @Chris
-
Just to keep this thread alive in case someone stumbled over it, SMA-1087 does not seem to be related to the Radius/OTP problem after all, because it's marked as fixed in 10.2.0.3 but problem still exists.
-
Just an update on my monolog, October hotfix is out which should resolve this issue. Didn't had a chance to try and customer isn't in a hurry to apply. --Michael@BWC
-
Hi @kayvon I couldn't find any information about ETA of CC 3.5, can you tell more? Any ETA on macOS Big Sur support for this? S1 has a limited beta right now, no GA by now. S1 is commited to deliver 45 days after GA of BigSur, which is 45 days from today :) --Michael@BWC
-
Hi @RS_com not being 100% sure about this, but my best guess is that your SMA firmware 12.1 is way to old to recognize a current Chrome browser correctly. 12.4 (w/October 2020 hotfix) is the last firmware to check. --Michael@BWC
-
@dirtrenyolds same here (Germany). SonicWall Status shows it as down: --Michael@BWC
-
Hi @alexander on the Manage -> VPN -> Base Settings page below the VPN policies you can see what each appliance is able to handle: Here as example a NSA 3600 with 20 defined Policies out of a maximum of 1000. Or you can have a look in the datasheet of the appliances, it's mentioned there too. --Michael@BWC
-
Hi @davetapley I'am interessted in this as well. All secret information (passwords, etc.) get somehow rehashed everytime a config gets exported. The one and only thing I found that's changed too is userIV which could be some kind of salt. Recently I came across a couple of hundred firewall configuration files and reported…
-
Hi @manicaps1 I'am not 100% sure if this is possible within the 100-series. Did you tried to set the custom AD attribute in your SMA domain settings? Like %AD:RDP% or whatever the LDAP is used for the PC? Then you could try to use %AD:RDP% (or whatever) as IP address in the RDP bookmark, it's accepted at least, but can't…