TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
Not strictly a NAT table, but the Connections monitor should help you. https://www.sonicwall.com/support/knowledge-base/monitor-connections-on-the-sonicwall-firewall/170505575310244/
-
Are your SSLVPN clients allowed to connect to the internal interface of the Sonicwall? Are you setting the SSLVPN client DNS as the internal interface of the Sonicwall? Are you setting the SSLVPN client DNS lookup order? Show us / describe your config more...
-
Look into round-robin DNS A records. The exact thing you are looking for would require a load-balancer but round-robin DNS might be enough for your needs.
-
It seems you forgot the other half of the 'port-forward', a NAT policy. The below KB should help, you'll just need to use your own IPs, Ports, etc. rather than their examples. https://www.sonicwall.com/support/knowledge-base/how-can-i-enable-port-forwarding-and-allow-access-to-a-server-through-the-sonicwall/170503477349850/
-
Not specific to that FW version but I've run into this a few times on Gen6 devices. It's been a few years since the last time I ran into it. I've made it procedure to reboot any firewalls prior to doing a firmware update, it seems to have cleared up any booting into safe mode during a FW upgrade.
-
Have you considered Arubas switches? Not the 'Instant-On' line, as those are foo. Dell PowerSwitches? Cisco's equipment is solid by all means, but for small to medium businesses they are overkill. You can get the same networking features for less. The main thing missing will be the robust diagnostic features. How many…
-
I dont recommend Ubiquiti's older 'Unifi' line of switches, we chose to use the EdgeSwitch line and have had little to no issues. Unfortunately the 'Edge' series has been soft-retired and now there are only 'Unifi', of which the Pro and Enterprise lines would be my first choices (they do not require the Unifi Controller…
-
Without more information on the Luxul ABR-5000 (boy is the documentation bad) it's very hard to say what it can and can't do compared to a Sonicwall. My guess is it has NAT and firewall capabilities (since its claimed it can do port-forwarding) so technically you are likely already providing a firewall. I usually agree…
-
I've never touched PFSense or Palo so pardon my lack of information.
-
I dont know of a full implementation of this feature on other common non-Cisco firewall vendors.
-
AFAIK this is not possible with the Sonicwall DHCP server.
-
Or just have the ISP change the device to bridge mode as Ajishlal mentioned. Much easier than having to deal with double NAT.
-
@Community Manager should get involved
-
Do not create two tunnels, have all subnets going through the same IKE tunnel. You'll have one IKE tunnel with two IPSec SAs.
-
Run a packet capture on the TZ470 looking at traffic destined for the VPN tunnel and see what's happening. https://www.sonicwall.com/support/knowledge-base/how-can-i-setup-and-utilize-the-packet-monitor-feature-for-troubleshooting/170513143911627/