TKWITS

Community Legend ✭✭✭✭✭


Comments

  • You could use a DNS address as the SSLVPN destination that resolves differently whether a user is inside or outside the network. E.g. externally vpn.mycompany.com resolves to 24.92.x.x so that remote users will connect to the WAN interface. Internally vpn.mycompany.com resolves to 10.100.10.1 so that users will connect to…
  • This subtle admission by a mod is telling...
  • Without knowing the footprint (# of PCs, servers, etc.) of your headquarters, we can't make a true judgement call, but an NSA 5600 can more than handle the connections from the spoke sites. Will your ISP line bandwidth be able to handle the additional traffic? Do you have statistics on current usage? The TZ570s can more…
  • Without seeing your config we can only make suggestions. Show us the VPN policy showing the NAT. You say you're "natting Customer 1's address inside Point A". I can assume you are doing a destination (remote) translation of your customer's network, but I do not know because you haven't provided that information. Assuming…
  • "The sonicwall at site A has the DCs setup as the primary and secondary DNS servers" - Do you mean on the WAN interface or in Network \ DNS? Is there a reason why you are doing this? Same question applies to site B. "I have two VPNs on each of the Sonicwalls. This means I have a connection from site B -> A cable/fiber and…
  • Are the routes on the SSLVPN config overlapping with the AWS instance? Is SSLVPN in tunnel-all mode? You haven't given us much to work with.
  • I'm not sure if OnPrem is much different, but I couldn't find a way in cloud NSM... If you go to Manager view \ Config Management \ Commits you can see recent commits and can logically deduce what would be needed to undo the change. Silly this isn't an option from the action menu on the commit. Hello Sonicwall???
  • You will need to have the product transferred to the new account from the previous owner, or submit a ticket to support to have them do the transfer.
  • You will need to have your connection to the ISP direct to the firewall (I'm guessing that's the OpenReach modem), and will need that connection to be 'bridged' so you have the public IP on the firewall interface. I would recommend using SSLVPN. You may also want to consider using LDAP for SSLVPN authentication since you…
    in TZ370 Comment by TKWITS June 2021
  • You need to accommodate for your NAT.
  • To answer your question: Unless you have custom access and NAT rules that specifically use the X0 IP address you shouldn't have to change anything after changing the X0 IP address. Auto-created access and NAT rules will be automatically updated with the new information. I don't really want to delve into WHY you are doing…
  • What is the connection speed at your office (what you are connecting to)? While you may have a 100M connection your office may not, and speed is a two-way street. Are you wired or wireless to your home equipment?
  • Documentation is too often an afterthought.
  • Think about it. You're tunneling all this traffic already, but 'Office B' doesn't know how to get to 'Customer 1'. What could you do to get 'Office B's' firewall to know how to route traffic to 'Customer 1'? Basically you'd need to add the 'Customer 1' network to the VPN tunnel between 'Office A' and 'Office B', then get…