Comments

• I think Xero failed to clarify they are using a separate ROUTER device AS WELL AS the Sonicwall. From the info you provided: "The whole idea is that you manually assign "your" public address(es) to one of the interfaces of your Mikrotik (other than the PPPoE one!), and you use RIP to inform the router behind the PPPoE…

  in SonicWall TZ670 Static Public IP with PPPoE Comment by TKWITS April 2023
• Do it by hand.

  in Migrate from NSA2600 to TZ370 not supported by Migration Tool -- options? Comment by TKWITS April 2023
• What are your site to site settings on both ends? What are your access rules? Give us something to work with.

  in Site to Site VPN nsv AWS Comment by TKWITS April 2023
• AFAIK there is no way to change how the DNS client on the Sonicwall functions, so you're stuck until you get either a different ISP, a third party DNS provider (Umbrella), a SASE with DNS, or utilize an onsite DNS server that is DNS over TLS capable.

  in DNS Proxy over TLS? Comment by TKWITS April 2023
• Provide us more details such as the configuration of both devices...

  in Synology NAS VPN -> TZ270 Comment by TKWITS April 2023
• Let me search for you https://www.sonicwall.com/support/knowledge-base/how-can-i-create-2-vpns-with-amazon-s-aws-on-sonicos-6-5-1-1-above/180410174739213/ https://www.sonicwall.com/support/knowledge-base/aws-integration-with-sonicwall-sonicos-6-5-x/181024232124532/…

  in Site to Site VPN nsv AWS Comment by TKWITS April 2023
• To address the only question I see. Pros and cons of IPSec vs SSLVPN can be pages worth of feedback. Some quick thoughts: IPSec requires a bit more setup and maintenance for a truly secure connection. Certificates to be maintained on client devices and a third-party MFA solution must be used. SSLVPN is much more straight…

  in SonicWall TZ370 - VPN Setup for Remote Site Comment by TKWITS April 2023
• "www.facebook.com probably makes calls to other site and SonicWall block them." You're right, many popular sites use Content Delivery Networks (CDNs). Make sure you allow any of Facebooks CDNs...

  in I want to block CFS category "Social Media" except Facebook Comment by TKWITS April 2023
• You havent provided any details of your configuration for us to go by, but my guess is you'll need DPI-SSL implemented. https://www.sonicwall.com/support/knowledge-base/how-to-block-snapchat-using-app-control-advanced-and-client-dpi-ssl/170505457996963/

  in Block AnyDesk using App Control Comment by TKWITS April 2023
• Is there a specific question you have?

  in SonicWall TZ370 - VPN Setup for Remote Site Comment by TKWITS April 2023
• You start by identifying the needs of your customer. Once you have the customers needs you can begin planning your network and the work to be done. Once you have a plan, you can specify your hardware and software requirements. Once you have requirements you can identify equipment that suits your needs. Once you identify…

  in firewall setup Comment by TKWITS April 2023
• "Another vendor has a cli method to select routing and origin nat ip for system-originated traffic. Is there possibly a Sonicwall equivalent to force dns requests from the X2 ip to ipsec vpn subnets through a tunnel sa its subnet falls under?" Not that I am aware of, but that doesnt mean it doesnt exist.

  in split dns proxy traffic dropped when nat policy applies on an ipsec vpn tunnel subnet Comment by TKWITS March 2023
• Open a ticket with support.

  in HA Issue with NSa 4700s and 3700s Comment by TKWITS March 2023
• @jcchat66 you should start a new discussion if you want to pursue the project you outlined.

  in TZ370 Comment by TKWITS March 2023
• There are different ways to accomplish your goal. First, what is your goal? What is your current Sonicwall configuration? What is your current switch configuration?

  in firewall setup Comment by TKWITS March 2023
More Comments