Comments

• @TBausenwein if the unit is registered with your MySonicWall Account check it there. If not, ask the seller or owner of the unit to check for you. If you can't get in touch with a possible previous owner and you're the rightful owner get in touch with SonicWall via MySonicWall. --Michael@BWC

  in 18B169858D9 Comment by BWC March 2023
• @abhishekbisaria I'am confused, according to the Getting Started Guide there is a serial console port on the SMA 200, not sure if anything will be reported there, but it's worth a try because it might show messages which could not be logged to file. If noone accesses the appliance and the appliance is still rebooting it…

  in SMA 200 Appliance keeps rebooting every few minutes Comment by BWC March 2023
• Abhishek, no, because your httpd is crashing I really meant to deny any traffic from WAN to the SMA, just for a little while to see if the process is still crashing. Outbound shouldn't be a problem here. Does the SMA 200 has a serial console port which you could check as well? Hardware related issues might be shown here.…

  in SMA 200 Appliance keeps rebooting every few minutes Comment by BWC March 2023
• @abhishekbisaria the SMA is quite old, what firmware is running on it? I had trouble with 10.2.1.6 and publishing Exchange Active Sync, no problems with 10.2.1.7 on that front. Is the SMA still crashing when you deny any access to it from the WAN (on your Firewall by blocking 80/443)? --Michael@BWC

  in SMA 200 Appliance keeps rebooting every few minutes Comment by BWC March 2023
• @SWuser_123 yes, the traffic flow is correct. As always, Firewall configuration needs some caution but there is no alternative. Vulnerabilities with SMA are somewhat common, so always be on alert, but this counts for every externally exposed service to be fair. You need to be careful what your SMA (or the NetExtender IP…

  in SMA Deployment Comment by BWC March 2023
• @SWuser_123 the SMA has "no" routing and security capabilities like a Firewall, look at it more as a Webserver with some bells and whistles. You wouldn't install a Webserver in front of a Firewall, would you? :) Internal is "relative" in that situation, because it's isolated from the rest of the network by the Firewall in…

  in SMA Deployment Comment by BWC March 2023
• Correct, sounds a bit strange, but is the simple approach without messing things up. You need to configure a secondary address to your PC though, e.g. 192.168.1.50/24. Firewall MGMT IP is 192.168.1.254. --Michael@BWC

  in Migrate from NSa 4650 to NSa 4700 HA firewall Comment by BWC March 2023
• @Asif_Iqbal yes, you just need to configure X1 as DHCP, which is IMHO already the default if I'am not mistaken. Just make sure to connect the MGMT port as well because Management Access via WAN is not allowed per default. --Michael@BWC

  in Migrate from NSa 4650 to NSa 4700 HA firewall Comment by BWC March 2023
• @Asif_Iqbal to be on the safe side I would connect MGMT and X1 to your LAN, if 192.168.1.0/24 isn't in use on your LAN. Configure X1 as DHCP client, this will pick up an address from your LAN and should be able to connect to the Internet. On your PC you need to configure 192.168.1.x/24 to access the NSa 4700 at…

  in Migrate from NSa 4650 to NSa 4700 HA firewall Comment by BWC March 2023
• @Asif_Iqbal I assume it's a Secure Upgrade, do the "Register only" on MySonicWall, this will keep the old units untouched for 90 days. Connecting the new units to your network can cause trouble because of the duplicate IP addresses, be careful on that. I usually create a new deployment network for this or attach the…

  in Migrate from NSa 4650 to NSa 4700 HA firewall Comment by BWC March 2023
• @sohand just for my understanding, what did you changed to get it working? You changed the NAT that the connection is initiated from the WAN to your clock instead the other way around? IMHO a good start into Wireshark and Packet analysis is this guy here: Over time you'll get more experienced, as always, learning by doing…

  in some packets dropping 443 Comment by BWC March 2023
• @SonicAdmin80 break free from the severity and be boundless. --Michael@BWC

  in SMA 100 Series - infected with persistent malware (fixed in 10.2.1.7)? Comment by BWC March 2023
• @Liz_R thats a misunderstanding, @Vijay_Kumar_KV was talking about the latest SMA Firmware 10.2.1.6 at this time (which is now 10.2.1.7) if it applies. The NetExtender bundled with the SMA is 10.2.331, if you're using NXT with your Firewall you have to pick the latest Client from over here: --Michael@BWC

  in NetExtender and Windows 11 Core Isolation Comment by BWC March 2023
• @Larry it's weird that you cannot download the Trace Logs etc. from the Internal settings, but if nothing helps I would consider attaching something to the serial console, that helped me in the past to catch some information while crashing. --Michael@BWC

  in TZ670 Random Reboot on 5095 Comment by BWC March 2023
• @SWuser_123 that is not the way to go, you put the SMA usually in a seperate zone like DMZ behind the Firewall. The traffic between LAN and DMZ is controlled by the TZ. On the SMA side you have to use Endpoint Control combined with a proper Authentication to grant access only to Users and Devices of your choice.…

  in SMA Deployment Comment by BWC March 2023
More Comments