BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
Well, it comes down to "hey, it's me, the ESA for mail.domain.com and here is the cert to prove it". What the sender is doing with that information is not forseeable, it can be ignored and any cert would have worked or it could be enforced by matching names, validity etc. Using DANE (something ESA isn't capable of) is also…
-
@djhurt1 the cert for SMTP is used only on the server side when receiving mails, not involved in the sending part. If you're familar with postfix you might have used the smtpd_tls and smtp_tls directives, which are for receiving and sending, but even in postfix smtp-tls_cert_file for sending is rarely used becuse the…
-
@Liêm I'am confused, you're talking about sending mails but the screenshot shows web traffic. To clear things up, are you using some kind of Webmail (OWA) or is it Outlook sending to an Exchange Server? If you're certain that your MTU is correct we can rule that out. Maybe double check with ping to see when it starts to…
-
I second what @Simon_Weel wrote about the screenshots, not much to see there. If you're able to send mails without attachment (small) but not with attachment (large) it might be related to a MTU issue on your WAN Interface. Make sure the MTU fits to your internet connection, e.g. 1492 for PPPoE etc. This might give you an…
-
I tried with the embedded firewall connector, but the documentation mentioned Note: Full Tunnel is only supported for Private Edge deployments; it is not supported for Global Edge deployments. Is this information outdated and it should work with linux connector even when Global Edge is in place? I have Connector running as…
-
I created a Service Tunnel with a single public IP included, but when I crank up the Banyan App on my iPhone(and Windows) it only lists the internal networks in the Tunnel Details, not the public IPs. Any chance that this is related to the following, because it can't be enabled for integrated connectors on the Firewall?…
-
Because I'am not facing this on a non-HA deployment, does Support acknowledged it's for some reason HA-only? —Michael@BWC
-
IMHO SonicPlatform isn't ready at all (I know it's declared Beta). I was able to login in the past, but it was of no use to me, because it said I have x Appliances registered, but when I tried to list them, nothing showed up. None of my Tenants were listed etc. I was willing to give it another try, but now after logging in…
-
@Larry my TZ 670 with 32 GB secodary storage currently has around 139K system log entries, but only 8K of them are viewable in the UI. They are stored in 12.5K chunks which can be downloaded/exported manually. Sadly only one by one. No further analysis without external tools. Without secondary storage the logs cannot be…
-
@_peoples3 do you have access to the MySonicWall in which the Appliance is registered? If you're lucky and Cloud Backup was enabled you can download the config from there. If not, don't get angry and use the time for a fresh up-to-date configuration :) In both cases you need access to MySonicWall. —Michael@BWC
-
@David W I already did a couple of posts ago. 😎 In other words, it should work as documented, no major pitfalls? —Michael@BWC
-
@Mariusz you're listed as a Partner, just give it a shot on your Lab Appliance, don't take this word from some stranger on the Interweb. But it really does only delete the IP Report, I tested it earlier this morning and the log is unharmed. It's in the Flow Reporting section, so I wasn't that cautious about the system…
-
We all had high hopes having a SonicWall with actual storage, possibilities appeared to be endless, but reality hit hards sometimes. —Michael@BWC
-
I'am intrigued to give this a try. Maybe I'l find some time at the weekend, because this is something I would need for my customers too when they decide to switch over to CSE. @David W are there any known issue that this might not work as intended? —Michael@BWC
-
You can click on "Clear IP Report" on the internal settings page to reset the list. Not really straight forward, but actually I never needed it before :) —Michael@BWC