MarkD Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
Just for clarification one machine which is a member of the domain runs the login script and the one that isn't a member of the domain does not run the domain login script. If so, that's a hint
-
Device, OS version ?????
-
Update the current firmware, if you are concerned about a reboot during the upgrade, i would suggest to take it out of service, remove the WAN and have the HA, and LAN connected. During the upgrade the standby unit is first to upgrade, then once the standby is online, the primary is upgraded. it does take some time, a…
-
If using policy based VPN, why don't you add the third part subnet into the encryption domain of both site A and B ? I'm assuming that the site B firewall already has a route to the third party subnet
-
There are no different subnets on the proposed network (assuming no other interfaces are configured as ARKWRIGHT say)- that is 1 IP subnet, one broadcast domain, no routing Proposed Change: New Interface IP: 192.168.0.1 New Subnet Mask: 255.255.252.0 (/22) New IP Range: 192.168.0.1 to 192.168.3.254
-
Create a zone for Wireless as needed based on LAN or DNZ, the WLAN zone provides the ability for SonicWALL APs to download their OS from the firewall. How do zones work in SonicOS? | SonicWall WLAN : This zone provides support to SonicWALL Access Points (SonicPoint or SonicWave). When assigned to the Opt port, it enforces…
-
The event logs can be filtered and or searched This one is based on a search for "user" I would say if you have the default logging level, those logs will be overwritten pretty quickly - hours not days. You can also backoff the event logs to a syslog server for long term storage
-
-
There is too little information provided Check the P1 and P2 parameters especially when talking things like DH21 etc both have different terminology Check proxy ID's / Encryption Domains Check the logs on both devices an provide more information
-
Not directly with LDAP, there is a SW tutorial for configuring WPA2-EAP for authentication using a Windows NPS server (RADIUS) using and LDAP group - although this on is a little dated How to Configure WPA-EAP Authentication for Wireless (sonicwall.com)
-
The specs are here - these are best case scenarios, its no BW that's the issue Id suspect its processing power that being chewed up SonicWall TZ Series (Gen 7) For 300 MB I would spec at least use a 570 or higher - connections speeds are just going to go up.
-
The CVE is published for this Security Advisory (sonicwall.com) Revision History Version 1.0 Date 22-Aug-2024 Description Initial Release. --------------------------------------- Version 1.1 Date 23-Aug-2024 Description Update - Adjusted CVSS Score to reflect intermittent availability impact.…
-
no one to many, use a front end LB behind FW
-
so if this isn't a second IP range associated with your primary. I would suggest looking at How can I configure a PortShield interface (LAN,DMZ,etc.) working in transparent mode? How can I configure a PortShield interface (LAN,DMZ,etc.) working in transparent mode? | SonicWall
-
How is the X5 interface connected? Is it to both the upstream ISP router and the remote firewall with a common switch ? Or is this second IP range allocated to your X1 where your physical X1 is say for example 1.1.1.2 with a GW of 1.1.1.1 and a second range of 2.2.2.0/28 ?