Menu

TKWITS

Community Legend ✭✭✭✭✭
Avatar

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

TKWITS Community Legend ✭✭✭✭✭

Badges (21)

4 Year Anniversary3 Year Anniversary100 Answers1,000 Comments100 Likes2 Year Anniversary50 Answers500 Comments1 Year Anniversary25 Helpfuls25 Answers25 Likes100 Comments5 Helpfuls5 AnswersFirst Answer5 Likes10 CommentsName DropperFirst CommentPhotogenic
See More

Reactions

1 Promote 93 Helpful 164 Like 0 Spam 1 Abuse

Comments

  • You should be looking at using the Packet Monitor, not necessarily the logs.
    in filter Comment by TKWITS July 2021
  • You can keep the Guest Wifi as a public zone on the Sonicwall. That is how I do it. FYI without the Unifi controller running you wont get statistics and other detailed info from the APs. Glad you got it working.
    in NSA 3650 Trunking Comment by TKWITS July 2021
  • I'm not 100% sure how Sonicwalls version of trunking works as it seems convoluted and I've never used it. From your description and the KB article, it seems you should be checking the 'Trunked' check box for VLAN 5 & 6 for the X0 interface.
    in NSA 3650 Trunking Comment by TKWITS July 2021
  • thats not how that works... Portshielding is essentially creating a a group of switchports from one primary interface, thus sharing the network subnet. By portsheilding the WAN what you are doing is saying to the Sonicwall 'these additional ports are also in the WAN, so broadcast all traffic to them too'. While you can use…
    in NSA 3650 Trunking Comment by TKWITS July 2021
  • Did you follow this KB and assign the IPs in the HA monitoring section? Probably would be easier to factory default the secondary and reconfigure the HA.
    in High Availability Monitoring Questions on NSA 2650s Comment by TKWITS July 2021
  • I second this request.
    in NSM Request for Enhancement: In Firewalls > Backups please include Run Now option Comment by TKWITS July 2021
  • "I created two virtual interfaces that are port shielded two x1 - X1:V5 Guest and X1:V6 Devices." Why would you do this if the ports you have the APs on are portshielded to X0?
    in NSA 3650 Trunking Comment by TKWITS July 2021
  • What subnet masks are you using on your scopes and firewall interfaces?
    in How to set up a Windows DHCP Superscope on the sonicwall TZ 205 Comment by TKWITS June 2021
  • This wouldn't be true HA since you are relying on a single 4G modem and SIM card... If someone at Sonicwall could confirm or deny using two 4G USB adapters would be accepted we could know for sure! @shiprasahu93 @Micah @Saravanan
    in TZ400 in high availbilty mode with 4G USB adapter Comment by TKWITS June 2021
  • @Micah Sonicwall should post the fixes in the release notes, we should not need to create a ticket for this information!
    in firmware update has been released - more issue details ? Comment by TKWITS June 2021
  • Think it through. Tunnel All mode is enabled, which means all traffic destined to anywhere is routed through the SSLVPN client. This is essentially a route for 0.0.0.0/0.0.0.0. SSLVPN Services group is allowed 'WAN RemoteAccess Networks' and 'WLAN RemoteAccess networks'. Both of these address objects are 0.0.0.0/0.0.0.0…
    in VPN Access Question Comment by TKWITS June 2021
  • @shiprasahu93 For clarification, even if you had two 4G USB adapters (one for each primary and secondary unit) HA wouldn't function properly?? I would think this would be an accepted configuration.
    in TZ400 in high availbilty mode with 4G USB adapter Comment by TKWITS June 2021
  • It's really up to you how you manage it. We have all client devices under our reseller account in their respective tenants. All of our internal technicians have access to the reseller account, thus all tenants. We do not provide clients access to their tenant account. Either we manage it for them, or they can screw things…
    in MySonicWall usage with multiple clients/tenants Comment by TKWITS June 2021
  • I'd say you'd need two cellular adapters for a true HA setup. I'm speculating, but what likely happened when you lost connectivity was HA decided to failover to the device without the cellular connection. Since that device had settings assuming the cellular was there but didn't, it caused the routing to get borked.
    in TZ400 in high availbilty mode with 4G USB adapter Comment by TKWITS June 2021
  • These types of restrictions are not available for SSLVPN clients. I suppose you could try a restriction like this with an overly complicated setup of DynamicDNS hosts and GeoIP filtering, but I doubt it would be worth the hassle.
    in Block SSL VPN access by device Comment by TKWITS June 2021