Comments

• Larry is right on what support recommends, but that's not what their marketing dept. says. 'You choose which firmware is right for you...'

  in Is there a SonicWALL published 'Preferred Release' List by SonicWALL Model available? Comment by TKWITS July 2023
• See the discussion here and come back with questions. I dont think 'TCP sequence randomization' has anything to do with your issue. https://community.sonicwall.com/technology-and-support/discussion/comment/18299

  in Enable TCP sequence number randomization & asymmetric routing relationship? Comment by TKWITS July 2023
• Did you read up about this 'attack'? Most likely nothing serious, and possibly routine 'reconnaissance' of an automated type (think Shodan or webcrawlers). A few of these packets are not unusual to see every other year or so in my opinion / from experience.

  in TCP Xmas Tree Dropped Across Multiple Firewalls in Different Geographic Locations Comment by TKWITS July 2023
• Try using the individual address objects for X0 and X3 subnets in the SSLVPN Client routes. I have seen where groups aren't dealt with properly.

  in only X0 LAN subnet is reachable with SSLVPN connexion Comment by TKWITS July 2023
• @BWC is spot on. The security services previously provided by UTM firewalls are moving to endpoints. Too many weak links when corporate work from home / mobile devices are so ubiquitous. Also QUIC is ruining things for admins, so f google.

  in DPI SSl Comment by TKWITS July 2023
• I would disagree as it is possible Dropbox could serve a client a file via any of the other non-encrypted protocols, and thus be scanned by GAV or CATP.

  in DPI SSl Comment by TKWITS July 2023
• To understand what it is that is happening, read up on TCP handshakes.

  in Too many packet drops in Event logs/ Network Debug-TCP connection abort received; TCP connection dro Comment by TKWITS July 2023
• Per Microsoft's own documentation, you need to allow any Teams traffic through your equipment unrestricted.

  in Issues with MS Teams on App Control? Comment by TKWITS July 2023
• Reboot

  in How to reset bandwidth monitoring? Comment by TKWITS July 2023
• Do you have consistent downloads from other services? https://help.wetransfer.com/hc/en-us/articles/208163506-The-download-speed-is-slow

  in WeTransfer Downloads not working properly Comment by TKWITS July 2023
• What firmware are you running? Do you have bandwidth management applied? Have you tried changing the Sonicwall to SPI instead of DPI?

  in WeTransfer Downloads not working properly Comment by TKWITS June 2023
• I know its not ideal but try using the Global option on the access rule rather than Custom. See if that actually applies the restrictions. I never use the Custom option. What firmware version are you running? Always provide that info in your posts.

  in Geo-IP Block and Access Rules question Comment by TKWITS June 2023
• No idea, haven't used NSM in almost a year.

  in NSM details Comment by TKWITS June 2023
• There have been discussion here about NSM before and many of us agree its not worth it for small to medium business customers. Think though, if you have a contract to manage all the firewalls for all McDonalds locations in your state...

  in NSM details Comment by TKWITS June 2023
• Example FQDN: vpn.whatever.com Internal DNS server would require whatever.com as a controlled zone, and a 'vpn' A record to point to the internal IP address of the interface on the Sonicwall that would be connected to (e.g. LAN 192.168.200.1). External DNS server that controls the public whatever.com zone requires a 'vpn'…

  in Forcing traffic destined from the inside to one WAN interface out the other Comment by TKWITS June 2023
More Comments