Comments

• You do not use a NetExtender profile that uses the WLAN interface address. The default rule is not sufficient.

  in Single NetExtender profile for both external access and WLAN zone Comment by TKWITS March 2023
• Not sure what you are trying to accomplish, can you rephrase your question?

  in Default Geo-IP and Botnet Exclusion Group Comment by TKWITS March 2023
• This can be called 'hairpin SSLVPN' and comes down to a few things. What does 'remote.domainname.com' resolve to when internal? It should resolve to the correct WAN public IP. Do you have SSLVPN enabled on the WLAN zone? It should be. Finally ensure there is a rule allowing traffic from the WLAN zone to the WAN zone…

  in Single NetExtender profile for both external access and WLAN zone Comment by TKWITS March 2023
• Don't use the switch as a router and let the Sonicwall do the work. AKA have all your vlans as subinterfaces of X0 and use a single port on the switch as a trunk to uplink to X0.

  in sonicwall / cisco switch Configuration ( 2 separate LAN networks using 2 different ports) Comment by TKWITS March 2023
• I wonder if these reboots have anything to do with the notice Sonicwall just put out.

  in TZ670 Random Reboot on 5095 Comment by TKWITS March 2023
• I would contact support for clarification.

  in VLAN over LAG on TZ570W Comment by TKWITS March 2023
• Im not here to argue, but the subject of the post is 'Dynamic Port Assignment ...' which implies Passive FTP. You mention "Passive FTP" multiple times in your original post. Pardon my believing this was about passive ftp...

  in Dynamic Port Assignment with an NSA2650 Comment by TKWITS March 2023
• IIRC Filezilla changed the way they handle Passive FTP a few years ago and mucked up a bunch of stuff. Maybe your server application did a similar thing. BTW the first KB article I posted answered your question.

  in Dynamic Port Assignment with an NSA2650 Comment by TKWITS March 2023
• I am not familiar enough with Sonicwall Switches to have any direct guidance, but is there not a way to set the LAG to tag instead of the individual ports?

  in VLAN over LAG on TZ570W Comment by TKWITS February 2023
• Run a packet capture on the sonicwall watching the exact traffic. If there is a drop after the LIST command is executed than investigate the cause of the drop...

  in Dynamic Port Assignment with an NSA2650 Comment by TKWITS February 2023
• Not sure, havent had the time to investigate myself.

  in Microsoft Edge changes TLS server certificate verification - which impacts DPI-SSL Comment by TKWITS February 2023
• What do your firewall rules between LAN and LAN2 look like? Have you run a packet capture to see why the drop is occurring? Read up on Zone-based firewall concepts.

  in Ping and traffic between X Ports Comment by TKWITS February 2023
• I do not have experience setting up a VPN tunnel using a BGP address. Have you tried seeing what options are available for configuring the tunnels 'bound-to' settings in the CLI? Contact support and let us know what you come up with.

  in Setup IPSec tunnel/site2site on BGP assigned public IP address Comment by TKWITS February 2023
• I guess it would depend if your OSPF instance is for private or public traffic. If its private traffic, static routes should be enough. If is public traffic youll have to consider NAT, firewall rules, and routes. Anytime I've had to break OSPF it was private traffic. No NATs were ever setup between networks so I never had…

  in NSA2650 and removing OSPF: what to expect and what needs manual fixing Comment by TKWITS February 2023
• Try creating the VLANs AFTER you create the LAG.

  in VLAN over LAG on TZ570W Comment by TKWITS February 2023
More Comments