TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
Configuration guides only help so much. Which device are you most comfortable with? Determine the Phase 1 configuration of the 'comfortable' device. Match that on the other device. Repeat for Phase 2. Example: Phase 1 Protocol: IKEv1 Encyption: AES128 Authentication: SHA DH Group: 14 Timeout: 3600 seconds
-
IMO, if you want the move to go smoothly than you will keep your 'legacy' network setup and not change anything. In all likelihood the 'new' provider isn't familiar with Sonicwalls, and your 'current' provider won't be familiar with what they put in. Honestly answering Larry's questions will get you in the right direction.
-
Ill try to help. Basically, if I have an allowed connection coming from the LAN, will the WAN block the inbound response anyway because of its generic rule? - No, the LAN to WAN rule will be the one allowing the traffic out, thus any WAN to LAN rules would not apply. It's not like old school ACLs where you need to allow…
-
"My scripts nowadays have a lot of environmental testing code in the mix so everything gets evaluated along the way." As is required. Sloppy coding is why issues like this exist in the first place. If I were to pursue this noble goal I'd skip 8.x versions and focus on 9.x and newer.
-
The way I do most cutovers is set everything up (or as close to everything as possible) ahead of time and leave the bare minimum to the day of. Usually day of cutover involves changing a few IPs, adding a few routes, DHCP/IP Helper adjustments, changing a few cables around, etc. In your case, I'd build out the Zones,…
-
I've used the information provided in the following links to do what you are looking to do. All destinations categorized as 'optimize' by MS get medium high priority and up to 75% of the available bandwidth.
-
Brilliant investigative work and thorough testing. Have you considered posting the script on GitHub? Sadly, none of the results of the investigation are surprising. It's likely none of the installer code has been updated since the days of Windows Vista.
-
About how things know what is tagged / untagged: As far as NativeBridge, what are you trying to accomplish with this? If you just want a routed VLAN interface theres no need to use 'NativeBridge'.
-
FYI support had a hotfix for this and stated it is included in the 7.1 firmware released today. I can confirm the hotfix has worked well for us so far (been a few days since implementation).
-
FYI support had a hotfix for this and stated it is included in the 7.1 firmware released today. I can confirm the hotfix has worked well for us so far (been a few days since implementation).
-
"I've tried multiple setting changes, including adding specific servers to the ADDRESS OBJECT/GROUP "Exclude" field." I would try flipping your configuration: Include set to all. Exclude set to an address group that includes everything except the 3 servers you are testing with. Hint: exclude your DHCP range, static set…
-
Thanks for bringing this up as we are about to likely run into this… I was trying to hold off on 7.1.1 firmware but couldnt any longer…
-
Enable HTTPS management on the LAN interface.
-
Have you considered utilizing MS' official list?
-
You might want to read the discussion going on here: But to answer the question posed in the subject, no you cannot.