BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
@jvpangan17 Model and Firmware release would be nice to know, this helps if it's a known issue fixed already on the way. Are the reboots random or usually at the same time? —Michael@BWC
-
OK, hopefully I get this right, but did you added a Route telling the SonicWall that the additional subnet is reachable via the OVPN Server? If not you might have seen Anti Spoof Events already? I would tie the Access Rule a little bit up like this: Zone: LAN to LAN Src: OVPN client subnet Dst: X0 IP Source SVC: Any…
-
How does the additional subnet is getting routed to the firewall and on which interface? Is it behind a Core Switch on the LAN Interface or manually assigned as secondary subnet to the LAN Interface? —Michael@BWC
-
@Pischta if your other subnet is bound to an interface, you can enable Management on that and access it by this Interface IP. If this is not an option and you need to connect to lets say X0 IP you have to make sure that the Access Rule from Whatever-Zone to LAN destined to X0 IP with Service HTTPS Management has the Option…
-
@dp8 I can't tell you what this is about, but did you checked on Reddit, because it was reported a while back there? One guy reported that the endpoint was trying to get an IP address with multiple interfaces. https://www.reddit.com/r/sonicwall/comments/wmpuxn/strange_dhcp_error/…
-
If TOTP is unbound the user needs to login to the firewall via Browser, that is IMHO the only way to get the new QR Code. I changed from TOTP to Mail and back to TOTP, MFA still gets accepted, so no unbind here. —Michael
-
@SYSADMIN this is what you're looking for. —Michael@BWC
-
@silvianjim if you make sure that the Radio Module is disabled in your configuration it should be safe to operate without the antennas. —Michael@BWC
-
@opico I'll wait a little bit longer for the upgrade. There are some reports that Sequoia isn't playing nice with some EDR solutions like SentinelOne (which is part of Capture Client). I don't have lab system for testing and I'am to much of a chicken to update my daily driver. —Michael@BWC
-
It seems that KYBER is getting abandoned in the near Future (Nov 2024) with Chrome 131, hopefully SonicOS can keep up this time? —Michael@BWC
-
Maybe it's related to that? A layer (virtualizer etc) that wraps around SonicOS for security or stability? NSa 4700 and up seem to be different and maybe a graceful shutdown is a good thing to have? —Michael@BWC
-
@DaveTheWave there should be a cumulative changelog, that would make looking for specific fixes so much easier. But sadly it isn't and we have to pick up the crumbs of information from different places. When I checked yesterday the 6.5.1.14 was still present on my account, today it isn't anymore. Release Notes can still be…
-
It was fixed in 6.5.4.14 but you should go with 6.5.4.15. The Release Notes of 6.5.4.14 gave it away :) Due to changes by dyn.com, SonicOS needed to be updated to prevent Dynamic DNS failure withtheir service.GEN6-4189 —Michael@BWC
-
@dthapa do you have the latest 6.5.4.15 Firmware installed? Did you check as admin before logging again that the User is still listed at Local User, maybe there is something that resets the user. Is this user locally created or by LDAP/Radius? —Michael@BWC
-
@Larry my rule of thumb always was to have the specsheet values divided by the number of CPU cores, that is what I'am expecting for single flow. If your speedtest is checked with DPI-SSL the calculation would be 300 Mbps / 4. You might doing your speedtest on multiple endpoints to see if the aggregated speed sums up?…