BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
@djhurt1 you can have seperate Certificates for SMTP and HTTPS is what I meant. If you just wanna handle a single cert then in your case a wildcard or mdc would be the way to go, coming with a little higher price tag. --Michael@BWC
-
Hi, first things first, other customers running R1262 von TZ 270 and 670 reported no general VPN related problems. But I'am having trouble with one specific deployment between a TZ 270 and a TZ 500. Whenever the TZ 500 is executing the WAN schedule down-time (daily at 2:59 AM for a minute) the TZ 270 is logging the…
-
Hi @djhurt1 if you wanna stick with Port 443 for your junk summary notifications and ES administation you need a 2nd certificate, then you can assign the mail.mydomain.org cert to the SMTP and unjunk.mydomain.org to the HTTPS part on the ES. You could do some voodoo by assigning a different HTTPS for the ES and do NAT, but…
-
@ThK 10.0.10 got released today and got this covered as Resolved Issue: HES: DHA settings are updating automatically. ES-6466 --Michael@BWC
-
Hi guys, this makes total sense, I have a few Gen7 Appliances in the field, still running R906 and no VPN related complaints so far. I advised my customers not to update to R1262 until this is verified. --Michael@BWC
-
Hi all, some news about this story, in the rare case you missed it. --Michael@BWC
-
I've got another private build today 10.2.0.7-34sv-SMA2517v2 and it seems that Radius C/R works at first glance, have to do further testing. But as usual there is a downside on this, Classic Mode (which worked fine before) isn't working anymore with Radius C/R. Grrrrrrrrrrrrr. 🤦 At least there is some form of progress,…
-
Hi, FYI, it was an Backend Issue (as always) and Support provided me with these details about it. This counts only for the new URL's, the existing URL's cannot be fixed because those are already Re-written by the Sonicwall. So i reported this issue to the back-end team and they mentioned below information: "The backend…
-
Hi @Simon thanks for speeding this up, I provided Imnan the requested TSRs already, added one from my "modified" SMA as well. The ipset in question looks like this at the moment, which is unfortunate, because it holds licensemanager.sonicwall.com :) root@sma01:~ # ipset list denyIpset Name: denyIpset Type: hash:ip…
-
@SonicAdmin80, old components in a SNWL product,? Nah, that can't be right 🤣 I had my philosophis take on this last year, will pass on this one. --Michael@BWC
-
@shiprasahu93 thanks, sounds promising, I'll check with the customer to do some further digging. Currently they disabled EPSV and the transfer was possible. This will be probably keep me away from getting to the bottom of this. --Michael@BWC
-
Updates my sightings over here: --Michael@BWC
-
Hi all, is really noone having these issues? This really makes me doubt myself. I opened Ticket #43674616 to get the bottom of this anyways. While doing some reasearch on the SMA it can be easily verified. Having USA blocked via GeoIP Filter immediately puts any host on the related ipset list denyIpset, when a packet is…
-
@David W , @Halon5 , @SonicAdmin80 just to get this right, because I lost track a bit. Last year I did some digging about SPF problems and came to the conclusion that the DNS resolver part of the SonicWall Email Security Appliance isn't honoring DNS Messages bigger than 512 Bytes. According to RFC1035 Section 4.2.1, DNS…
-
Hi @Enzino78 IMHO the NSa 4700 (when there will be such thing someday) should fulfill your needs, all the older APs are still supported in SonicOS7 atm, WLAN Tunnel Interface is still there, so you should be golden. Time will tell. --Michael@BWC