BWC

Cybersecurity Overlord ✭✭✭


Comments

  • @temond the Rules should be more than sufficient (because they are very broad). The Interfaces X2 and X3 are connected to different switches or separated by VLANs? Did you check with the ARP cache of your SNWL if both IP addresses are listed here and therefore reachable from the Firewall? You mentioned that the Packet…
  • @temond delete your Routes, they are not necessary and probably the cause of the IP Spoof Detection. Subnet Routing is always included :) It all comes down to the Access Rules Zone-X2 to Zone-X3 and vice versa. --Michael@BWC
  • @rmori I'm not aware of any OID which provides this information, you might have a look into multi-step Webintegrations and gather the data via API (if provided). I never did this before but that would be my first approach. --Michael@BWC
  • DNS Security needs to be licensed from 7.1 and up. It's part of APSS and no one could tell me the SKU for extending EPSS. IMHO the Label Maintenance Release is misleading, because 7.1.1-7040 was a Feature Release (or Early Release?) and only due to a huge vulnerability it became MR. Best Firmware for Gen7 is 7.0.1-5145, IMHO.…
  • @blue that's interesting, it might be a Sonicwall Newsletter which hit Mandrilapp in the past 😂 I guess you can't modify any settings for DNS security without the valid license? Was it enabled before upgrading to 7.1.1? Did you check the configuration via CLI, maybe the upgrade messed things up and you need to disable it…
  • @mike_bluetabs this might be what you're looking for: You cannot change the scope of these predefined Groups, just make sure your custom Group is a member of the Group which fits best for you. --Michael@BWC
  • @dp8 I'm connecting to a Gen6 device with TLS 1.2, it might be related to some changes in the Firmware, you should upgrade to 6.5.4.13. TLS 1.1 is deprecated, you can check with your browser what is getting negotiated. There is an option to disable TLS 1.1 (recommended). --Michael@BWC
  • @blue DNS Security is a new payable option for SonicOS 7.1 and up, if you're running 6.x or 7.0.x it's working without a dedicated license. IMHO there is no published list of blacklisted domains. --Michael@BWC
  • @PSI just do the support limbo for each type of appliance and 560 will become probably less than 30. It's still a bummer but probably the fastest way to get it done. I requested the hotfix recently and provided all the information about the known issue, got the firmware within minutes. Best of luck. --Michael@BWC
  • @Avellano best approach is to do a Packet-Monitor on the side where the ping is expected (or do it on both sides) to check if anything gets dropped and work up from here. Within the Packet-Monitor you can see if the echo request gets dropped, routed to the wrong interface, gets forwarded but not answered by the endpoint or…
  • @JWBDH it might be the all-time classic, could you try to put a mini switch between X1 and your Modem? This solved port flapping for a lot of us. SonicWall never answered the question why this happens but if a 10$ switch solves the issue I honestly don't care anymore. --Michael@BWC
  • @cyber_monkey there is a Reference Guide for the Events, but for me it wasn't very helpful, maybe you have better luck. --Michael@BWC
  • They might be able to login, but NetExtender should not work for all who are not a member of SSLVPN Services, it's not perfect but better than nothing. Having an LDAP filter would be a better approach, but there is none :( --Michael@BWC
  • @dbdan22 yes there is no LDAP Filter which you could use to limit the reply from the LDAP to only needed Accounts and Groups, this might be possible with an LDAP Proxy etc. But at the end, even if you import all of your users, they are not able to login with NetExtender as long as only your AllowVPN Group is a member of…
  • @dbdan22 it all comes down to the Group SSLVPN Services, whatever User or AD Groups you assign as Member to that default group will have SSLVPN access. What is your current configuration regarding this group? With LDAP everyone can login but if you disable VirtualOffice the access via NetExtender should be limited. --Michael@BWC