Comments

• Define 'secure' in the context of the new question... otherwise you're asking the same question.

  in Security Concerns Using Self-Signed Cert and SSL-VPN Comment by TKWITS April 2022
• Let me search for you.

  in What is the best method to the iCloud API as a CFS exception? Comment by TKWITS April 2022
• Are you sure the idle timeout is the cause of the disconnection?

  in How to keep active users from being kicked out by an idle timeout? Comment by TKWITS April 2022
• Did you follow the GSG? You have to interpret what the articles are saying and apply them to your specific instance...

  in Setup Guest WIFI? Comment by TKWITS April 2022
• Have you read this? The NxConnect.bat file is located in each users AppData\Local\SonicWall\NetExtender, not in the client installation folder.

  in Can't change Nxconnect.bat (NetExtender client) Comment by TKWITS April 2022
• Have you read either of these?

  in Setup Guest WIFI? Comment by TKWITS April 2022
• Did you read these articles? https://www.sonicwall.com/support/knowledge-base/how-to-create-gen-7-settings-file-by-using-the-online-migration-tool/210115150800277/ https://www.sonicwall.com/support/knowledge-base/how-to-understand-and-resolve-settings-corruption/170505412006104/

  in migrating to TZ300 to TZ270 Comment by TKWITS April 2022
• See the article but apply the logic to the appropriate interface.

  in I have a sonicwall 2600, can i reroute the mgmt port so i can edit the ui from port X1 -X8 Comment by TKWITS April 2022
• @BWC I think you forgot a link. But just because a cert is self-signed doesn't mean the traffic the traffic isn't encrypted, because it is. Read up: https://en.wikipedia.org/wiki/HTTPS https://www.digicert.com/what-is-an-ssl-certificate

  in Security Concerns Using Self-Signed Cert and SSL-VPN Comment by TKWITS April 2022
• From: https://www.sonicwall.com/support/knowledge-base/configuring-one-time-passwords/170505594681886/ CAUTION: OTP cannot be configured for Global VPN Client (GVC) users. Instead, GVC users can use RSA token for two-factor authentication. Please refer to Two Factor Authentication Using RSA Radius And SecurID For SonicWall…

  in 2Fa for VPN remote access users Comment by TKWITS April 2022
• Other than some old, vague documentation, not that I am aware of. But most compliance requirements are explicitly written to be vague... As mentioned prior: restrict access to HTTP/S WAN management to only known good IPs; update your firmware; if you are using SSLVPN / GVPN get a cert from a public CA. Specific failures…

  in HTTP Security Header not detected Comment by TKWITS April 2022
• So you're not using DPI-SSL for clients. No need to add or enable it, it was so us folks trying to help have a complete picture. What firmware version are you running? Have you read: https://www.sonicwall.com/support/knowledge-base/how-can-i-setup-and-utilize-the-packet-monitor-feature-for-troubleshooting/170513143911627/…

  in Getting TCP Flag(s): ACK RST on https sites Comment by TKWITS April 2022
• Yes. Just because it is licensed does not mean it is enabled.

  in Getting TCP Flag(s): ACK RST on https sites Comment by TKWITS April 2022
• I will re-state 'this is basic networking and routing.' Is there a reason you wouldn't just make the Colo and Main site on the same network using only the one Sonicwall at the colo for everthing?

  in Configure TZ570 and Fiber DIA and EPL between buildings Comment by TKWITS April 2022
• Do you have DPI-SSL enabled?

  in Getting TCP Flag(s): ACK RST on https sites Comment by TKWITS April 2022
More Comments