MustafaA SonicWall Employee

Overview

Overview
Roles	MemberSonicwall Employee
Badges	17

About Me

About Me

Analytics

359

Posts

1,094

Visits

647

Points

Apr 13, 2020

Join Date

Nov 14, 2024

Last Active

Badges (17)

Reactions

1 Promote 41 Helpful 55 Like 0 Spam 0 Abuse

Comments

Use the Classic View on the NSA3600 and use UI6 option on the TZ570 firewalls. The menu options and UI layouts will be very similar.

in TZ570 need to downgrade FM 6.5.x.x to match NSA 3600 Comment by MustafaA May 2023
Migration from NSA-3600 to TZ-X70 firewalls is not supported. https://www.sonicwall.com/support/knowledge-base/can-settings-be-exported-imported-from-one-sonicwall-to-another-support-matrix/170505258332789/

in TZ570 need to downgrade FM 6.5.x.x to match NSA 3600 Comment by MustafaA May 2023
For port forwarding you need the Access Rule, which you have done, and the NAT Policy.

in noob Can't get simple port forward to work. Comment by MustafaA May 2023
You can use Dynamic DNS feature on the firewall, which you have the 2 SIM cards. If the WAN connection fails over from IP1 to IP2 the firewall will update the Dynamic DNS record. https://www.sonicwall.com/support/knowledge-base/how-can-i-configure-the-no-ip-dynamic-dns-profile/170505407002996/

in VPN Using FQDN Comment by MustafaA May 2023
@A_Elliott , you can use Bandwidth Management based on Access Rule also. In your Access Rule you can use the virtual interface subnet as the source and apply BWM.

in Per-vlan bandwidth limiting Comment by MustafaA May 2023
@mynameisnobody, did you use the Migration Tool when you transitioned from NSA4600 to NSa5700? What firmware are you utilizing on the NSa5700?

in NAT Rule stops working Comment by MustafaA May 2023
@RTtcv , have you checked the following KB article? How To Restrict traffic from only selected MAC addresses using MAC-IP Anti-Spoof Protection https://www.sonicwall.com/support/knowledge-base/how-to-restrict-traffic-from-only-selected-mac-addresses-using-mac-ip-anti-spoof-protection/170505994576762/

in Random Mac Addresses Comment by MustafaA April 2023
@shafeek , with limited available insight, I can suggest to make sure the Keep Alive option is enabled as well as the Dead Peer Detection.

in hai teams, Comment by MustafaA April 2023
@hertz_admin , CLI will also work.

in Migrate from NSA2600 to TZ370 not supported by Migration Tool -- options? Comment by MustafaA April 2023
@BWC , the big title fonts are not big enough to catch my eyes :) Looking forward to the test result.

in 7.0.1-5111 - IKEv2 not working because of 169.254.0.0 Comment by MustafaA April 2023
@BWC , what firmware is used on the Gen7 firewall? It could be related to "IKEv2 Cookie Notify" settings. If you have a chance to disable this settings and perform a test, that would be great.

in 7.0.1-5111 - IKEv2 not working because of 169.254.0.0 Comment by MustafaA April 2023
@BWC , I don't think this is a known issue, based on my internal search.

in 7.0.1-5111 - IKEv2 not working because of 169.254.0.0 Comment by MustafaA April 2023
@SR1500 , we have hotfixes available for both Gen6 and Gen7 firewalls. Please create a web case and reference GEN6-3898 or GEN7-39385 depending on which generation your firewall is.

in Changeip "Network Error"... Anyone? Comment by MustafaA April 2023
@JRVcst , if you have narrowed down the source of the WAN to WAN Access Rule for the IPSec communication, you should be good. Make sure the priority is set correctly or there is no additional Access Rule which allows this unwanted traffic.

in Stopping connections on IKE/500 except from remote S2S IP Comment by MustafaA April 2023
SonicWall™ Global VPN Client 4.10 https://www.sonicwall.com/techdocs/pdf/global-vpn-client-4-10-admin-guide.pdf

in update gvc with new version 4.10.8 from 4.10.7 ? Comment by MustafaA April 2023

More Comments