TKWITS Community Legend ✭✭✭✭✭
Comments
-
Have you read this thread? https://community.sonicwall.com/technology-and-support/discussion/comment/10880
-
Better start watching the traffic from the postage machine.
-
Note the exclusion object option.
-
Without licensing, the processes that provide IPS, GAV/GAS, etc. are not allowed to be enabled, and thus are not running on the CPU. Leaving a checkbox checked in the Zone settings should have no effect since the underlying process is not running. Speed differences between DPI and SPI are noted elsewhere.
-
DPI is not a function of the security services, but helps them perform their function by inspecting the entire packet. Read more here: https://community.sonicwall.com/technology-and-support/discussion/1528/dpi-vs-spi Without a security services subscription your firewall is a firewall.
-
Consider what you are passing as routes to the client. If it's only a local private IP subnet, then that's all that will get passed. If you pass a public IP, that means the GVC will attempt to send traffic destined to the public IP through the tunnel. Start there.
-
Start with a packet capture to make sure the traffic is leaving the firewall. Next try connecting directly to the problem link and see if the issue remains.
-
You have to change the management certificate in system settings (manage \ appliance \ base settings).
-
A simple test is changing the lifetimes to something much shorter and enabling dead peer detection (but I don't think you can when using aggressive mode).
-
Clearly the responder doesn't like your IKE ID... Try changing it to the documented settings (you have them documented, right?) or just your WAN IP address. Ask the third party to see what the firewall is sending as its IKE ID and what it's expecting. Otherwise follow Ajishal's recommendation.
-
Start with reviewing the logs (you have to change the log redundancy filter to get more frequent results)...
-
I always use DistinguishedName, which can be found in AD Users & Computers and looks like "CN=Administrator, CN=Users, DC=Contoso, DC=com". You should create an account strictly for SonicWall LDAP queries; otherwise you'll lose LDAP authentication if (when) someone changes a domain admin account.
-
Provide more details about your config please...
-
Have you read through this thread? https://community.sonicwall.com/technology-and-support/discussion/comment/10703
-
"We have a static route on the server where the Website is hosted which allows it to talk back to the VPN network." Is the web server located on the LAN interface of the Sonicwall? Why does the web server need a route to the VPN network?