BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
@SonicAdmin80 Firmware 10.0.19 got released which seems to fix the HTTPS Problem I reported on 10.0.18. I'll let it run for a few days and if everything goes well I'll recommend this Release to my customers. --Michael@BWC
-
@Smash I don't wanna be that wise guy, but did you talked about your Update plans with your supporting SonicWall Partner? I don't have much SMA 1000 series in the field anymore, but from the past I can say Updates are usually going very smoothly, but none of them are updated to 12.4.2 at the moment. Because it's mainly the…
-
@Vizsla I would not use that appliance anymore, but if you have to, check page 1306+ in here for OTP via Email, IMHO the one and only way for MFA on these old Gen appliances. Maybe it's possible with a Radius based MFA Solutation as well, but this might break the bank.…
-
@nflnetwork291 is this what you're looking for? The Google search term was: sonicwall multi factor authentication vpn --Michael@BWC
-
@gussr16 the one and only thing, as mentioned before, is this one, but I guess you checked this already. Maybe you need to open a Ticket for that. --Michael@BWC
-
@SonicAdmin80 I always fall in to the sword for my customers by being an early adopter and immediately sent out a quick warning note to not install :) The reputation of ES is debatable. --Michael@BWC
-
@gussr16 then I need to throw the Towel, I tried different IP addresses to send the syslog data to, to make sure it's not Zone or Interface related, but I always saw the packets in the Monitor. If you made sure that on the "Settings" Tab of the Packet Monitor Syslog is not excluded I cannot think of anything else at the…
-
@gussr16 I checked and can see the Syslog packets. Do you have by any chance set a Display Filter or did not clicked all Checks on the Display Filter page? I guess you're on 6.5.4.10 as well? --Michael@BWC
-
@SonicAdmin80 it seems it got pulled. I already have an open case with that Release just 5 Mins after Installing. They messed something up with the Certificate Handling or OpenSSL, can't tell because after the blame game I did not got any further information. Shoutout to @Gailand as always for walking the extra mile.…
-
@Ajishlal this must be in another context, using Port 513 for Syslog on the NSa works fine. --Michael@BWC
-
@gussr16 I checked on my NSa running 6.5.4.10 and added a second syslog server and both servers got the syslog packets. If you can't see the traffic in the Packet-Monitor, you did not have the "Exclude Syslog Traffic to:" checked by accident? IMHO it's the default. Did you checked with tcpdump on your Wazuh if any syslog…
-
@mikeblas I wasn't paying attention to the Tags, my bet. Follow the steps for Gen6 (SonicOS 6.5) from this KB-article: The Support for Secondary Subnets can be found in the ARP settings section. After activating this setting you need to go back to your Interface settings for X1 and configure the new subnet on the Advanced…
-
@mikeblas I'am somewhat in the same situation with a Vodafone Cable connection. Arris Modem is in bridge mode and has the internal IP 192.168.100.1. But I don't need to configure anything special, because the Modem just intercepts the traffic destined to 192.168.100.1 and provides the Web Interface for the Modem. It seems…
-
@ToddAndMargo I would go for page 262+ and 393+ in this document It's not listed for SOHO 250 for no reason. This might help as well if you're not that familar with SNWL. --Michael@BWC
-
@ToddAndMargo SOHO 250 is running the same SonicOS 6.x (Gen6) like any other TZ or NSa Appliance. So yes, you can create Zones, have multiple isolated Interfaces, VLANs etc. --Michael@BWC