Comments

• Nest your LDAP Groups in local groups, or use the Users Excluded option...

  in Access Rule - LDAP groups not working Comment by TKWITS May 2022
• Yes and no. A UTM would NOT be able to use it's DPI-SSL and security engines to investigate that traffic in the instance mentioned. BUT having DPI-SSL enforced would cause the connection to DROP becuase the UTM wouldn't be able to complete the handshake due to the SSL pinning. So technically it's performing the preferred…

  in Risks associated with DPI-SSL exlusion list Comment by TKWITS May 2022
• You may want to exclude services like telemetry and DNS from keeping users active. Users \ Settings \ User Sessions \ Don't allow traffic from these services to prevent user logout on inactivity

  in NetExtender Users Timeout Options Comment by TKWITS April 2022
• There is nothing you can do to sort this out. Support will likely tell you to rebuild from scratch.

  in Oh how I love the new SonicOS.....anyone have this problem? Comment by TKWITS April 2022
• Search the web for the domain name, surprise! It's Let's Encrypt, a well known and trusted source of SSL certificates...

  in CFS - Is this host safe to allow? Comment by TKWITS April 2022
• Unless you have Analytics, GSM, or NSM Advanced, you'll need another tool to obtain this type of report. SNMP is your friend.

  in 3 month total bandwidth utilization report Comment by TKWITS April 2022
• I hope its not port 3389... But if it is, restrict connections coming to that port from only his known IP address. If that's too much, temporarily disable the Access and NAT rules allowing the connection during the compliance scan, then re-enable once you pass. Ultimately though you should find someone who knows what they…

  in I am failing a PCI compliance scan. Any help would be appreciated. Comment by TKWITS April 2022
• Maybe they dump everything older than 1 year... But yes, why a 'All' option is unavailable is silly. @EnaBev @Micah @Michael

  in Search for older threads than 1 Year Comment by TKWITS April 2022
• I believe you are looking for what Sonicwall refers to as Radio Resource Management. Otherwise no.

  in load balance APs Comment by TKWITS April 2022
• Check that the modem model has 10G BaseT or SFP+ ports, otherwise it's likely the modem only has 1G ports. It could be the SFP module is not auto-negotiating properly, you can try to hard set it to 1G Full. Sounds to me like they are selling a speed they cannot technically achieve...

  in Trouble getting multi-gig on a TZ670. Comment by TKWITS April 2022
• Does increasing the idle timeout cause the disconnection to happen at the newly set time?

  in How to keep active users from being kicked out by an idle timeout? Comment by TKWITS April 2022
• Another fine example of frAGILE development.

  in Gen7 Firmware 7.0.1-5052 released Comment by TKWITS April 2022
• If you are not on the latest firmware version please update to it. If that does not help support would tell you to factory default the unit and set it up with enough config to get it connected and functional in the environment, then run it as such for a week or two. It is also recommend by Sonicwall to NOT disable…

  in Assistance Needed Connection Drops on X1 Interface Comment by TKWITS April 2022
• Since you are not changing sub-version (e.g. 6.2 to 6.5) you can go direct to the latest. For clarity I believe you probably experienced a bug.

  in Enable ping on X2 interface broke DHCP Comment by TKWITS April 2022
• The latest 6.5 firmware is 6.5.4.9 which is what you should be running.

  in Enable ping on X2 interface broke DHCP Comment by TKWITS April 2022
More Comments