TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
@BWC No worries, I had a few days off due to COVID... Thanks for the link to the RIPE article.
-
Having all your VLANs in the same Zone is bad practice. The whole point of VLAN-ing is traffic separation. Putting them all in the same zone effectively negates having a firewall / UTM device.
-
Right, evidence indicates they are not blocking inbound port 443, but something is filtering replies and I'm gonna guess it's the school.
-
Show us your Zones and Interface pages.
-
Im guessing because you are on a school's network that they are blocking TCP 443 for good reason and will never unblock it.
-
Web searching is your friend...
-
It was 158.x.x.x.
-
If you want easy you may want to look into a new career (-:
-
You cannot select a port labeled as 'independent' on the Portsheild page. You can only select currently port-shielded or unassigned ports. I have confirmed this on another Gen5 model. Did you setup a DHCP range for port X7's subnet? If not, you won't magically get an IP...
-
Mobile Connect on Windows is officially unsupported as of the day you posted this. What happens if you use NetExtender?
-
You can use IKEv1 Main or IKEv2 for firewalls with ISP provided DHCP. Use Dynamic DNS. Set specific IKE ID's. Aggressive mode should be avoided. I wonder if the issue you are describing (a secondary WAN interface drop causes IKE/IPSec connections on the primary WAN interface to re-establish) is due to Aggressive mode. What…
-
You cannot HA between different generations since firmware versions need to be the same.
-
Is your ISP blocking HTTPS traffic to your IP? Nmap to your IP (sorry you didn't hide them all) shows port 443 is filtered.
-
I guess I will just avoid your threads.
-
Whats your firmware version on the TZ470, the latest? What troubleshooting have you done? Are the VPN tunnels on the TZ470 set to use a specific interface (VPN Policy \ Advanced \ VPN policy bound to)? Aggressive mode is not recommended due to known vulnerabilities.