BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
@Trevor it's described over here what I'am struggling with. EDNS should have make things better, but the outcome is not consistent. --Michael@BWC
-
@Mauricio it's a relatable request, sadly their is no such thing like a public directory of enhancement requests, I suggested that in the past, but it ended in create a RFE with your sales rep. --Michael@BWC
-
Hi @Mauricio I checked on Gen6 and Gen7 and it is not possible to add a FQDN object to the Client Routes for SSL-VPN. If static IP Host Object is no way to go, you might be out of luck on that. --Michael@BWC
-
Hi Steph, I checked and everything seems to be fine on my end. Could it be a browser related display issue? --Michael@BWC
-
Hi guys, I cannot answer any of these questions, because sadly SNWL is radio silent on that, but there was no word in the Release Notes mentioning any change in the Judgement Order. --Michael@BWC
-
@JRVcst do you run your own CA (which you should do) or did you issued a simple self-signed server certificate for your LDAP? IMHO the Certificate will only be listed as validated if it got issued by a trusted CA. I guess the keyUsage of your cert only covers digitalSignature, nonRepudiation, keyEncipherment, keyAgreement?…
-
This issue seems to be fixed in a private build 10.2.1.2-24sv-SMA3228, hopefully the fix will survive the public release. Cannot say if it was already fixed in another 10.2.1.x release, because I couldn't use them anymore. --Michael@BWC
-
I've got a new build which brings back Radius C/R once again, 10.2.1.2-24sv-SMA3228. Hopefully a new version will be released to the public soon. --Michael@BWC
-
@Trevor @SonicAdmin80 I'am running 10.0.11 for over a week now and couldn't find anything that got broke. EDNS seems to be working but I'am still struggling with the impact on SPF/DKIM, sadly no more replies to my other post on that. I'am in the process to update all customer deployments to 10.0.11 this week. --Michael@BWC
-
@SonicAdmin80 I'am running 7.0.1-5030 on all of my deployments at the moment and VPN-wise is running fine. But no specific Azure experience over here, plain vanilla Tunnel Interfaces to other SNWLs. --Michael@BWC
-
Hi @Jour I can only speak for Gen6 in HA with PPPoE and there it usually takes 1-2 Minutes when the failover happens. Hopefully this isn't getting worse with Gen7 because I'am somewhat before replacing some Gen6 Installations, including HA. --Michael@BWC
-
@David W thanks, highly appreciated if you or someone else can shed some light on that matter. --Michael@BWC
-
@SonicAdmin80 I'am still struggling with some weird SPF results and trying to make some sense out of it, but sadly no response so far over her: But at least with 10.0.11 the ES is sending DNS Queries with an OPT record. I'am still capturing DNS packets, maybe I can see larger UDP/TCP answers over time. --Michael@BWC
-
@Jour no the network routes from back in the days were initially created on the Gen7. But they are plenty of reports that importing Gen6 configs are messing things up hard, maybe you found a gem yourself. Did you already jumped through the Support hoops, I guess it'll come to that. --Michael@BWC
-
@Jour I'am not aware of any grouping, but the existing NAT rules you're talking about were created on the NSa 2700 or were they imported from a Gen6 Appliance? In the early days of Gen7 (around 7.0-R7xx) I reported a problem that VPN Interfaces with similar names couldn't be properly selected in Network Routes, maybe it's…