TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
There is no 'PCI Compliance tool' that I am aware of. Compliance is usually provided by a third party that analyzes a business' policies and procedures, and does firewall scans.
-
Are you running any security services? If so try disabling them and see if it stablizes.
-
For clarification, without enabling the Ping option under Management on the interface you won't get replies to pings. No management option should need to be enabled for the interface to pass other traffic.
-
Unfortunately I do not have a fix for the pings. I get the same response on devices running 7.0.0 R906. I am going to upgrade and re-test.
-
What log are you looking at, on NSM or on the device itself? Have you enabled/adjusted all log settings?
-
How is the X2 interface configured, as a bridge? as a portsheild interface? what do your access rules look like? you haven't provided us much info.
-
Have you tried downloading from a different connection? It sounds like the firewall is passing the traffic appropriately.
-
What firmware version are you running? Do you have any security services enabled? You haven't given us much info.
-
First thing, make sure you are running at least 7.0.1 R1465. Questions, did you generate the CSR on the Sonicwall or elsewhere? Is it a wildcard cert? Have you looked at sonicwalls KB's? or https://www.digicert.com/kb/ssl-certificate-installation-sonicwall-nsa.htm
-
Look into Sonicwall's Capture Client. The TZ alone cannot automatically isolate a device if it becomes infected.
-
Have you tried in the CLI? Otherwise don't trust Sonicwall's config import matrix and recreate the config manually.
-
VLANing can be tough when switch vendors do their own thing, but once you understand what all equipment is expecting (tagged or untagged traffic) then it gets easier. "From what I'm gathering in the video I watched I setup zones for the different segment groups within my network and then setup virtual interfaces for those…
-
QUIC is Google's lossy implementation of HTTPS. Its been made a standard (unfortunately), but as PRESTON mentioned it can cause issues with DPI-SSL functioning correctly with Chromium-based browsers. There's a reason PRESTON mentioned it. Since it was just ratified into a standard in May, I doubt any companys DPI-SSL can…
-
If the device is listed in MySonicwall, but you cannot login to MySonicwall through the device GUI to update registration, contact support.
-
Answers to questions: what would be the best approach to segment these devices? Do they all need to be setup on their own subnet or VLAN? VLANing is your friend. Learn it, use it. VLANing requires additional subnets. If you don't choose to vlan you'd be using individual ports on the sonicwall for each subnet. Also, its…