BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
Hi, just to keep this alive, a current Support Ticket suggested to whitelist 204.212.170.143 in the ipset and I've got a private build for that. But 10.2.1.0 puts another IP in the mix. I don't rooted the 10.2.1.0 put I'am quite sure that it ended on denyIpset as well. postDeviceStatistics failed: LicenseManager failed to…
-
@The_Other_Guy the SND can be configured in your Domain Settings, AoV has to be activated on that level and the option "Don't connect VPN in Trusted Network" has to be filled with the Secure Hosts to look for. This setting is new in 10.2.1.0, I would have to check how it got accomplished in an earlier release. --Michael@BWC
-
Hi @Trevor , same for me, but Thumbprints are current according to the Diag Page. --Michael@BWC
-
EPC is enforced on Global, Group or User-Level, shouldn't it be fine if you disable EPC on your "External" User or Group? The Policies are just there for restricting access to Resources/Services. --Michael@BWC
-
@Craig_S do you mean that your "External" User should connect without ECP? --Michael@BWC
-
Hi @Craig_S this can be accomplished with the correct Policies. I always have a Deny ALL Policy with Priority 9999 and give the Users or Groups the needed Access by specific Allow Rules. IMHO you don't need a 2nd portal, assign the Deny ALL Rule to the Domain (Group), put your internal Users in one Group 'Internal' and…
-
Hi @RedNet this must be a reoccurring issue, you need to contact support to have them put the GeoIP License in sync with the rest. There is no GeoIP SKU. I had this at least one time and the Backend Team managed to sync the License with the Expiration Date of the Support Services. --Michael@BWC
-
Hi @Enzino78 I don't have a Gen7 with VLAN tagged WAN Interface in production, but in Gen6 this was not possible. I guess the only option would be to put a small managed switch in front of your TZ 370 and do the tagging there. While looking at a fresh TZ 670, the Network Interface Settings do not provide BWM for a virtual…
-
@Micah do you know if it is correct that the flaw was already reported in Oct 2020 right after the 6.5.4.7 Release and took that long to get addressed? Any ETA on the fix for Gen 5, will there be one? --Michael@BWC
-
@David W all of my deployments are warning about stale Thumbprints again, this is very confusing for my customers. I guess it's a Backend thing again? --Michael@BWC
-
Hi @Saravanan I'am not a native english speaker and get confused all the time, but what does this even mean? Is it 75K or just 30K, which would be wrongful advertising? Why does a simple question end up in a support case? --Michael@BWC
-
Hi @djhurt1 this will work just fine. --Michael@BWC
-
Affects 10.0.10 as well. This is an ongoing issue that I experienced on multiple deployments. It's a campaign driven by random @hotmail.com sender addresses originating from IP addresses detected as South Korea, USA and Germany. I strongly advise to handle all messages coming from donotreply-capture@sonicwall.com to the…
-
Thanks @David W 10 minutes it is, today I lost it after 50 minutes, did the reboot and the 2nd attempt was successful. File name was unaltered, so no problem here. An Update in (kinda) progress is nothing I usually wanna mess with :) --Michael@BWC
-
Hi guys, this is an interessting discussion, if 30K should be the correct value for a TZ 670, what will be the values for the other Gen7 devices? Even a TZ 370 is already listed with 30K. This would mean only 5K more connections than a Gen6 device? Hmm. 75K was the official value communicated to the Partners when…