SonicAdmin80 Cybersecurity Overlord ✭✭✭
Comments
-
Ok. The TZ670 will be in use before I have time to observe if the update fixes the issue, so I guess I'll just see with TZ670 if the problem transfers over or not. I could do the configuration again through CLI but I suspect SonicOS 7 has changed syntax so a simple copy-paste probably won't work.
-
Thanks, I will do that. Any opinion if there's a risk for the problem to transfer to a TZ670 running SonicOS 7? For me the issue isn't just DHCP and VPN settings, everything is lost like a factory reset. I need to import settings, set the admin password and import SSL certificates and then it's as it was.
-
Yep, unfortunately with Gen 7 hardware SonicOS 7 is the minimum. Interesting to see how people adjust to worsening UI elements. The top tier brands are quite close in terms of feature set. If features, performance and price are close to each other among brands, ease of use has a big impact. Partners and end users like to…
-
6.5 has been mostly ok on my 13" laptop. I haven't seen many problems with the UI not fitting, usually the OK button can be scrolled to at the bottom. I still liked 6.2 better because it's faster to get to things, but 7 is a mess. I don't think Chrome has ever worked well with 6.5 at least, certain popup windows just don't…
-
Support said that the swi file can just be used and that the release note recommendation to use System Update is incorrect. Can someone from Sonicwall comment on this and if that's really the case the release notes should be corrected. I just also noticed that now the update is available through System Update, so I'll…
-
@BWC Yea, I'll try it on my TZ350 first as well. Almost all customers are using SSL-VPN so I'd like to start updating them, but will probably wait for the next scheduled downtime. I have one TZ600 HA pair which is still running 6.2.7.5-36n because many of the newer ones have had known HA issues. But I guess I have to bite…
-
@BWC Yes I see it for virtual appliance and Windows. But since there isn't really anything that relevant in the fixes for me, I'll probably stick to the current version for now.
-
Any more good or bad experiences with 6.5.4.7-83n? I'd like to update quickly due to the recent vulnerability, but wouldn't want to go through rolling back if they aren't stable. Perhaps I'll just update my home unit first and see how it goes.
-
Has anyone tried the recent 10.0.9 yet? No mention of this issue in either resolved or known issues.
-
Curiously, the SPF policy query in the system diagnostics page works by falling back to TCP. So ES is capable of correct queries, they are just not implemented in the inbound MTA path.
-
I heard they are working on implementing EDNS but it might be pushed back to 10.0.9.
-
For example the inability to send email with attachments from Outlook and to send files with WeTransfer. These are also a problem with 6.5.4.5 but seem to be fixed in 6.5.4.6. This is without having DPI-SSL even turned on, might have something to do with SSL Control because 6.5.4.6 had something fixed relating to that.…
-
@RichardRoy Azure AD is not LDAP so authentication from Sonicwall won't work out of the box. You would need Azure AD Directory Services add-on which gives the LDAP part. You could enable SSL and restrict connection from a single IP address, but VPN Gateway is a safer bet. I'm using AADDS this way over VPN and it works…
-
@Halon5 Yes, packet capture clearly shows the DNS server responding with an empty response with truncated flag set but ES not reacting to it properly by sending another query over TCP. Seems like a simple misconfiguration issue on the resolver used, like using the dig command with +ignore and +noedns options which I used…
-
Gailand has this information and is advancing this on their end. Hopefully we'll get a fix soon.