TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
Were you using static routes on VM B and the Cisco? Presumably you have a switch (providing layer 1 and 2) off of X6; disconnect X6. Again, verify proper functionality without the Sonicwall 'in place'. Narrow your scope to rule out issues.
-
You dont have to completely pull out the Sonicwall, that is not what I meant... but I am not going to go through step by step of other ways of testing. You need to be able to think and troubleshoot yourself. Learn the OSI model, start troubleshooting at layer 1, and work your way up the layers. Hint: Instead of using OSPF,…
-
IIRC the SSO agent requires SMBv1 to be enabled on the DCs. Have you considered that?
-
What device is doing to the packet capture? If you notice, wireshark is smart enough to tell you what requests and replies are related. In the first screenshot, the ping from VM A to B is immediately replied to and wireshark notated the relationship. The reply from the Sonicwall is not notated as related (its possible the…
-
On 7.X firmware you can technically apply QoS (ToS or DSCP) to IKE/IPSec traffic via the WAN to WAN Access Rules Traffic Shaping page. The problem, from my understanding, is those rules don't apply to tunneled traffic, just negotiation. And while the same Traffic Shaping QoS options are available on LAN to VPN Access Rules…
-
Options are limited it seems, unless you can enable developer mode on it.
-
If your issue is that the connection is unstable, allowing an IP through the firewall wouldn't help anyways. Seems to me you need to evaluate your ISP options.
-
The above will help. 1) Your access rule is wrong. Your destination should be 'any'. 2) Your nat rule is wrong. It should be more like Original src=any; Translate src=wan interface ip Original destination=any; translate destination= original Original service= any; Translate service=orignal Inbound=any (or your DMZ…
-
Used it in the past, but not recently. I think youd need to pay for it for all the features you are looking for.
-
While the diagram is useful it doesnt answer the question. If a VLAN-tagged packet is received on a 'standard' interface that is not VLAN aware the packet will be dropped. If the interface is in a transparent or bridge mode than the packet will be passed. VLANing is layer 2, while TCP/IP is layer3.
-
The few HA setups I have did not experience this.
-
Disclaimer: I have no experience with Capture Client. From: https://www.sonicwall.com/support/knowledge-base/capture-client-rollback-function/210419085519140/ What is Rollback? Rollback function available with Capture Client restores the endpoint to the last available snapshot, undoing the changes made by…
-
If the device is registered to your mysonicwall.com account you should be able to download the firmware from the MySonicwall 'Download Center'. Otherwise search the web for the filename.
-
Make sure you clearly communicate the change to the vendors that manage the other VPN endpoints, and give them a schedule to work from. Testing new connections can begin on date X, full cutover 2 weeks later. You have to force peoples hands sometimes, and sometimes that means things won't work while people get their heads…