TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
So next up is Saravanans query, does all VPN traffic cease at the time of issue? Does general internet traffic cease at the time of issue?
-
Probing is only part of it, start looking into policy based routing to actually handle the routing logic after a probe fails. Some articles to help: Depending on how you configured your MPLS interface, you could also use SD WAN policies.
-
You still haven't answered my questions. Are the clients staying connected to NetExtender for days at a time? Do you have quotas setup for the users?
-
I have a feeling there is a memory leak in OS7. We have a TZ570 that needs to be rebooted on an almost monthly schedule. SNMP reports the memory has gone up 3% week over week since the last reboot two weeks ago...
-
It depends on your network requirements and expected growth. The main differences between the two are interoperability with other manufacturers devices, and, as you pointed out, the use of routing policies instead of numbered VPN interfaces.
-
"sometimes I see the message "No internet access" on my LAN icon, but obviously I have Internet access. Is this something suspicious?" seems you are on to something...
-
You keep saying "this works for a couple of days". Are you implying the clients are connected for days at a time? Do you have quotas for the users? If your 'fix' involves restarting the client-side devices than it seems the issue lies on the client side. Is there a reason the radiology application is only accessible via…
-
So at this point do the packets from the phone destined for the PBX get to the Sonicwall packet capture? If so, do they then get to the pfSense packet capture? If so, do they then get to the PBX packet capture? My point is you need to dig around and find the point at which the packets fail to traverse the connection.
-
Have you run a packet capture on the 'remote' Sonicwall to see where the VoIP phone traffic is going when making the call? Is there a reason you are using VoIP over VPN? Once the VoIP traffic is encapsulated to flow over the VPN tunnel you lose all prioritization applied to the packets...
-
This question has been asked and answered many times, see: https://community.sonicwall.com/technology-and-support/discussion/comment/6798 Also: https://www.sonicwall.com/support/knowledge-base/how-can-i-enable-port-forwarding-and-allow-access-to-a-server-through-the-sonicwall/170503477349850/
-
6.5.1.3 is almost two years old, you should upgrade your firmware...
-
IME 'connection opened' simply indicates a connection was attempted, not that it was allowed. 'connection established' would be a completed connection handshake, thus indicating it was allowed. I do not know if that is how the log reports it though, maybe @shiprasahu93 or @Saravanan can clarify.
-
What firmware is the firewall on? What NetExtender version? Is the internal LAN network stable at the time the issue occurs?
-
I understand the reasoning for having your DCs as the DNS for your clients. But why would you have it as the DNS for your firewall? Thus my original question. Again, why two tunnel interfaces instead of just one with a secondary IPSec gateway? Don't make things more complex than they need to be. That helps. Is the cable…
-
It doesn't. Hub and spoke is a concept, not a technology. I think he misunderstood your question and assumed you don't have a dedicated DHCP server. You can use IP Helper policies to have DHCP clients obtain an address from your internal DHCP server that is at your main location. With regards to your July 1st post, your…