BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
@Jour which Firmware Release you're currently running? I tested on a TZ 670 with 7.0.1-R5023 on Firefox, I created a NAT Rule, cloned it and changed the Service Port. Then I selected the first NAT rule and hit Delete, the Clone was still there. Can you reproduce this and what steps are necessary? --Michael@BWC
-
@DominicWild the issue got resolved by uninstalling Capture Client, all good now. This might not work for all 😉 I have a single Endpoint left with CC. Whenever it happens again I'll try to turn on debugging, which is a total intuitive thing to do in such a case. CC Web Protection Filter was a constant cause for problems.…
-
@DominicWild just checked with the available options on Phase 2 and I guess GCM16-256 is what you might looking for? The screenshot is from Gen6, I guess Gen7 covers it as well. --Michael@BWC
-
@SonicAdmin80 @Halon5 downloading 10.0.11 right away, the one and only new Feature mentioned: "Support for EDNS". Is there some light at the end of the Tunnel? It better be not a Train full of new bugs. --Michael@BWC
-
Firmware 10.2.1.2 got released and the private build looked promising, but what the heck, the final version messed things up again. What is going on? I'am glad that I did not allowed to close my ticket until further notice. Ridicules. The Duo related Browser window which was appearing on macOS only now pops up on Windows…
-
Hi @ATT all of my deployed Gen6 appliances are running 6.5.4.8 without major problems. 6.5.1.5 is dated from July 2019, ask yourself if you would like to have a 2+ years old firmware running on your Firewall, maybe then you've got your answer :) --Michael@BWC
-
Hi @Bluray it depends on your Zone settings if it is allowed or not per default. If you check your LAN Zone for example, it automatically sets "Auto-generate Access Rules to allow traffic to zones with lower trust level" which is the Allow ALL to WAN Rule you're concerned about (for a good reason). For that matter,…
-
@jtuckerchug specify one or more access rules in your LAN->WAN ruleset only allowing specific services is what you want. Isn't that firewall 101? Everything what is not allowed will be dropped. --Michael@BWC
-
@NAT sadly, you're right. It would be an easy thing to answer for SNWL, but the swarm isn't in the mood or just don't care. --Michael@BWC
-
Hi @Canford the 10.0 got unlisted because of the plethora of security issues. But IMHO you can go from 9.x to 10.2.0.8 or 10.2.1.1 like shown in the upgrade matrix. SMA500v is part of the 100 Series, the linked KB article got you covered. --Michael@BWC
-
Hi @Canford I guess this covers all you wanna know --Michael@BWC
-
The values I mentioned labeled as "real" are from the Statistics Pop-Up on the VPN Policies page. Maybe it's similar glitch like the incorrect amount of DPI-SSL Connections in earlier firmware releases. But that's all speculation, I don't know why noone from SNWL chimes in. --Michael@BWC
-
AFAIK there is no public listing for the Jira Issues and the details behind it. Would love to see it as well for all products, because as a partner it gives me a deeper insight if any reported or encountered issue got resolved when not listed in clear. --Michael@BWC
-
@Rinconmike I have the 5030 Release running on a TZ 670 for a few days now, it did not broke anything so far. I was not affected by the fixed bugs in that release, but it's good to know that it was taken care of. --Michael@BWC
-
Eric@DisaRicks I assume 172.20.85.254 and 172.20.30.254 are bound to your SonicWall? 172.20.30.254 to Interface X4 and what about 172.20.85.254? The SNWL is not expecting 172.20.85.0/24 as src address arriving (ingres) from X4, so I guess 172.20.85.254 is not bound to X4? --Michael@BWC