Comments

• What is providing MFA the Sonicwall? What firmware version are you running? I havent seen this with MFA provided by Sonicwall specifically, but ran into an issue where an old password change policy was set when users were first imported, then the password policy was disabled, but would still be enforced on users that were…

  in Why are some users foreced to Rebind Comment by TKWITS December 2022
• Maybe you can shed more light on how broken it is to cause a HUGE security hole...

  in Remove 2fa from logging into MySonicwall Comment by TKWITS December 2022
• Disabling MFA for any administrative accounts anywhere is not recommended. Occasionally I will have problems with it but IMO it's poor web programming rather than the implementation of MFA. Failed logins will redirect you to a login page, then a successful login on said page doesn't have a correct redirection, so the login…

  in Remove 2fa from logging into MySonicwall Comment by TKWITS December 2022
• The address object for the syslog server on the branch firewall is in what zone? Have you run a packet capture while NOT excluding syslog traffic?

  in Sonicwall SYSLOG sending to workstation over VPN Comment by TKWITS December 2022
• Buen dia, Póngase en contacto con su representante regional de Sonicwall. Utilice el menú desplegable para seleccionar su país.

  in TZ400 Comment by TKWITS December 2022
• I will also point out that DSCP tagging gets lost when encapsulated by a VPN tunnel until it is de-encapsulated on the other side. The VPN traffic traverses the internet with no prioritization over other protocols. Now whether or not your ISP adheres to customer DSCP tagging is another thing. Like @BWC said, there is no…

  in VOIP not working over site to site vpn Comment by TKWITS December 2022
• "what is the relationship between the To/From Zones and the Source/Destination addresses in the Access Rules, and why do the zones not always match the destination addresses?" Your thoughts are mostly accurate. Generally they match, but when a translation is applied (NAT), like you said, you must use the zone the…

  in Need help understanding Access Rules Source and Destination Addresses Comment by TKWITS December 2022
• Can you provide a more thorough description or a diagram?

  in Cisco router VPN tunnel through TZ 215 Comment by TKWITS December 2022
• The short version: VoIP is sensitive to loss, bandwidth, packet fragmentation, and packet re-ordering since it is based around UDP. UDP just sends packets without handshake or confirmation. The biggest culprit of packet manipulation are VPN tunnels. VPN tunnels are great for connection-based protocols (TCP) as they are…

  in VOIP not working over site to site vpn Comment by TKWITS December 2022
• Have you searched?

  in Windows Update broke NetExtender VPN Connection Comment by TKWITS December 2022
• You have failed to mention anything about the Sonicwall device used, firmware, or software version of your SSLVPN client. Searching the forum might help: Your testing methodology is less than ideal. Do you know what protocol(s) 'BeyondCompare' uses? Is the underlying protocol the most efficient one? Windows (is that what…

  in Compare or Copy files slow when using VPN (Client to Site) Comment by TKWITS December 2022
• As long as the Allworx is performing routing I would agree. How can we be sure? A packet capture never lies. Could the static routes set on the Allworx also provide us clues?

  in TZ 470 Configuration with Layer 3 Switch and on prem Phone Server Comment by TKWITS December 2022
• I'll throw my hat in the ring and say make sure you're running a recent firmware! Gen 7's early code was terrible! If you have extra resources on a VM host, run a Debian syslog server and dump your firewall logs to that. The 'Treacherous Three' strike again!

  in Please tell me this CAN'T be true... Comment by TKWITS December 2022
• Don't you love it! Thanks for following up with the hotfix info.

  in Performance tuning for SSLVPN Comment by TKWITS December 2022
• Have you searched?

  in Error happens in tunnel negotiation Comment by TKWITS December 2022
More Comments