BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
@THK - 24+ hours later, still not working and no mention on https://status.sonicwall.com - did you got any update on your support ticket in the meantime? --Michael@BWC
-
Thomas, a Systems Engineer already confirmed our problem to me and they are working on it. It's there for 7+ hours already as far as I know, a bit disappointing. --Michael@BWC
-
Hi @JamesD for some reason the switch disappears on the login page, maybe if you were logged in before. You can force the other layout only by entering the URL IMHO /spog/welcome. == new design /cgi-bin/welcome. == old design --Michael@BWC
-
Will check with the Firewall again, working "forever" and now this made me wonder. --Michael@BWC
-
Hi @David W inbound mail is working fine AFAIK, the packet monitor on the firewall shows that the transfer suddenly stops and the last packet is an ACK from the remote side, no further packets form the ESA. All kind of remote ISPs are involved, I don't suspect the problem on the remote side. No alerts on the ESA. UPDATE:…
-
Hi @Mnicholas tested with Google Chrome and Firefox on macOS, same outcome, spinning forever, no errors on the console though. --Michael@BWC
-
Hi @SEBASTIAN yep you're right, TCP/442 hits probably the implicit Drop-All clean-up rule. The Flood Protection did not got triggered in any way? What are your settings for the TCP Flood Protection? I would try to reproduce. --Michael@BWC
-
Hi @SEBASTIAN how many connections (concurrent) does it took to bring the TZ 300 down and what protocol was used? Did the traffic flow went from LAN -> WAN or LAN -> DMZ? Was the connection limit reached? Did you tried to limit the allowed max. connections in the access rules (advanced tab), which can only be a percentage…
-
Well, with EDNS they can stick with UDP, maybe this does the trick 😉
-
Hi all, @David W : "SPF checks are always done against the mail from header and not the from address itself." Hopefully we're not talking about the header, because SPF checks should be performed before the message (containg the headers) got transfered and checking is based on the SMTP envelope (HELO and MAIL FROM). I had…
-
Hi @ljohnson055 if I'am not completly mistaken Always on VPN with NetExtender is not supported on Firewalls, SMA is the only way to go. Maybe it can be accomplished with GVC somehow, which would be better performancewise anyways? --Michael@BWC
-
Hi @Larry is this unit managed by GMS, CSC, NSM or any other 3 letter tool? It seems that the unit is modified from the Web UI and the central management is warning about changes. Is this a possibility? Don't know about the naming (locations), but my guess is that these units are created inside the Management with this…
-
Hi all, the problem seems to occur only when filtering by product, all other options do not cause a loop. I can confirm this happens on my account as well. --Michael@BWC
-
Hi @fre with just one public IP address you cannot "share" port 443, because NAT does not work SNI based. I would suggest just install a reverse proxy (NGiNX would be my weapon of choice) in the DMZ and let it do the HTTPS offloading and forwarding requests based on the requested to app or dev. Sorry that there needs to be…
-
Hi @Nat I guess you already tried to exclude the "Archives" from the Capture ATP settings / Bandwidth Management? The only other way would be probably through App Rules, you need to create a Match object which covers the unwanted file types, create an App Rule and use the Action Bypass Capture ATP. Even in small…