MarkD

Cybersecurity Overlord ✭✭✭

Comments

  • The IKE SA delete is part of the IPSEC protocol. Check your P1 and P2 timings; Phase 1 should be greater than P2, as the P2 is inside the P1 tunnel. Try 28800sec (8Hr) for P1 and 3600sec (1Hr) for P2 on both sides of the VPN.
  • Have you thought about backing up the config, flattening the 3700, bringing it up to 5161 and building the config from scratch? Otherwise you're working backwards. You always have the backup if needed, but it sounds like the configuration isn't too extensive, and you can always extract parts of the config manually.
  • I'm basing this suggestion on how I know the firewall handles TCP/UDP connection timeout - not based on any experience of QuickBooks. Specifically, I see this with SIP TLS or SIP UDP. The site is probably all dynamic content - not much you have control over its speed unless you are on a damp piece of string. And keep in…
  • Sounds like the users are not actually doing anything for a while, and with the TCP connection timeout at 15 minutes it will close the session. Create a rule specifically for the destination and alter the TCP timeout; if you do it globally you risk exhausting the resources on the firewall. Increase TCP or UDP connection timeout…
  • The following article provides guidance on using the MS Authenticator application. This is not Entra MFA - that's a whole different bag. Using TOTP (Multi-Factor Authentication) Using Microsoft Authenticator on SonicWall Next Generation Firewalls
  • Ensure your PC firewall has inbound UDP 514 open to receive the syslog messages.
  • Under access rules you can see the statistics of Policies and No. Hits and last hit. If you want to review the Firewall Logs (action drops) through Monitor/Logs, under device/log/settings import the firewall Action Template; you can also customize the GI Log events in the same place. I would suggest if you want long term…
  • IKE ID ? not matching What is error code 33 — SonicWall Community
  • IKE ID - I would suggest on the Checkpoint it is based on IP address - as is the SonicWall by default. First try enabling NAT traversal under IPSEC VPN advanced. As your firewall is behind a NAT device, the Checkpoint will see the request from the external NATted WAN address but the IKE identifier is the pre-NATted address of…
  • Review the configuration you have put in place on each device.
  • Those entries are detailed in your link - Network access
  • Sounds like you were taking advantage of a quirk in the WatchGuard VPN stack which bound to one interface. If GVPN functions as NetExtender does: NetExtender also adds routes for the local networks of all connected Network Connections. These routes are configured with higher metrics than any existing routes to force traffic…
  • Multiple IP ranges work fine for Inbound and Outbound. Configuring Multiple WAN subnets using static ARP with SonicOS Enhanced | SonicWall. The ISP's upstream router needs to be configured to forward this address range directly to your X1 Primary IP WAN address. Create WAN address objects for your new host IP on that WAN…
  • The internal log storage is limited; you could set up a syslog server (something like Kiwi syslog) on another machine and send the logs for further analysis.
  • A network object for your X3 WAN interface (it should already be there). Create an address object for the LAN devices you want to use this X3. Create a NAT policy, i.e. org source LAN-OBJECT, translated source X3-OBJECT - dest original original. Create a route policy: LAN-OBJECT, destination any, outgoing interface X3. You may need…
    in Dual WAN Comment by MarkD October 2024