BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
Can't tell what the impact is, in general it's reduced lifetime but maybe it's throttling too. I had some pretty warm TZs in the field but functionality wasn't ever disturbed, temperature-wise. —Michael@BWC
-
@andyoeft IMHO there is no way to determine the temperature, which is not really good thing, because they tend to get pretty warm, especially in overcrowded cabinets. —Michael@BWC
-
@theroncooper you can attach any AP, they just will not be provisioned by the Firewall, but that's IMHO totally fine. If you decide to place the AP in a Zone of Security Type "Wireless" just make sure that the option "Only allow traffic generated by a SonicPoint/SonicWave " is disabled, otherwise you should be good to go.…
-
Chris, you could try one of the following (it does not break anything) enabling/disabling the dhcp scope configure dhcp-server scope dynamic range-ip-begin range-ip-end no enable commit enable commit 2. enabling/disable the dhcp-server configure dhcp-server no enable commit enable commit I tested this for you on a NSa 2650…
-
IMHO there is no option to do that, you might consider disabling/enabling the whole service via CLI. What do you try to accomplish, cleaning it up because it fills up in an unwanted way? —Michael@BWC
-
It depends on how much you'll stress the appliance. If you're fine with a SOHO 250 right now, the TZ 270 will be more than good for that job. But if you plan to activate all Security Services, doing DPI-SSL, SSL-VPN and IPsec you're probably in the TZ 670/NSa 2700 range. Depends on the bandwidth of your Internet access as…
-
The two options you're mentioned are under Network → DNS → DNS Proxy, but as described only works for DNS over udp/53. If you have your Access Rules allowing DoT, DoH or DoWhatever then the DNS Proxy might does not see the traffic at all. How do you plan to sinkhole the requests? Keep in mind the built-in DNS security is…
-
@clcventura DNS proxy changed in 7.1 and you need to activate it at Policy → Rules and Policies → DNS Rules. For each Zone/Interface you need to create a DNS Policy of Action "Proxy". If you have licensed the additional DNS Security Service you might create Filter actions as well, otherwise it's limited to Proxy. Check for…
-
@Community Manager 10.2.341 is now available via the public VPN client download page. While you're on it, GVC download is 4.10.7.1424 but the latest is 4.10.8.1108 and should be updated as well. Considering both versions are from 2022 the maintainer isn't doing a good job here. —Michael@BWC
-
@Closey1200 yes, you need an Address Group which holds 10.0.0.0/24, 10.0.6.0/24 and 10.0.12.0/24, then add a route Source Any, Destination <that group>, interface (x0 or whatever fits), gateway 10.0.0.254 (new object). This is necessary otherwise all Packets from 10.0.6.0/24 and 10.0.12.0/24 would get dropped because of…
-
Oopsy daisy, I totally forgot to paste in, bummer. https://www.reddit.com/r/networking/comments/jvth3m/source_for_sonicwall_console_cable/ —Michael@BWC
-
Did you checked this Reddit article? The latest post seems to have a simple solution and even includes the pin layout. —Michael@BWC
-
@Enzino78 to be honest I never saw an implementation of IPsec over TCP on the systems I managed and I would assume that the performance impact is pretty big. About the future support on SNWL, my guess is never. They don’t even implement Wireguard for clients so why waste the rare developer resources to somethat that exotic…
-
@ChristianK it's probably to early to have any deeper experience, my guess iis that it is probably as good as the 7.1.1 is/was. We know that 7.1.1 was a mixed bag. I'am currently testing 7.1.2 and at least it has the same DNS Rule UI bug that 7.1.1 had for months. I skipped 7.1.1 for general use so it's a bit hard to tell…
-
@HKI did you enabled "RFC-2617 HTTP Basic Access authentication" which is required for the kind of access you're trying to do? It's disabled by default. —Michael@BWC