TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
Please provide additional information about your configuration (such as what interfaces are assigned what zones and IPs, etc.) and a diagram.
-
Do you have requirement to have IPSec VPN enabled? If not disable it. If it's required you can create address objects for known tunnel peers, then edit the auto-created WAN to WAN, Any to WAN Interface IP, IKE rule to only allow traffic from the known peers.
-
I don't think you have to remove the firewall from NSM. Make a backup in local management, then go to NSM and force the sync. I had to do this recently after making a local change to an NSM managed device. As described the device was listed in NSM as unmanaged, so I forced the sync and everything was back to normal. NSM…
-
So are you are trying to browse to the X0 management address from the X3 / SSLVPN subnet? Or are you trying to browse to the X3 management address from the X3 / SSLVPN subnet? Was X3 added as a LAN zone?
-
If you go back to Manager View in NSM then Config Management \ Commits you can drill down to failures. If NSM does not deploy the change it does not mean you have to go back to 'normal' management if you can wait for support to figure out what went wrong. If you have to implement ASAP I would suggest usurping NSM to get…
-
Their 'responsibility' is based on their contract / SLA with you. If they cannot meet their contract / SLA than you have reason to look elsewhere or litigate.
-
Putting two firewalls in HA mode mean they share the same IP address(es) and handle the High Availability through a dedicated link. While you can assign other IP's to the devices individually for management, the HA IP is the important one. You want the virtual MAC. I'm not sure if you can use DHCP on the WAN interface in a…
-
If you have an available NIC on the server and on the Sonicwall you can physically separate it out. This would skip all the VLAN stuff.
-
Did you try putting the password in quotes?
-
Since you tested with a celullar hotspot the only reasonable conclusion is the issue is either your ISP or your 'router'. Have you tried directly connecting to the ISP provided equipment and testing from there (thus bypassing your 'router')?
-
What firmware version are you running? I'd recommend either 7.0.0.906 or 7.0.1.1262, though I don't know if those are available for the 470. What are the routes in the SSLVPN Client configuraiton page?
-
I am in the USA and the pandasecurity.com IP is identified as Spain by the Sonicwall. The www.pandasecurity.com IP is id'd as in the USA (Akamai'd & geo redundant). I can browse to www.pandasecurity.com but it is relatively slow to load; currently unable to tracert to pandasecurity.com per our GeoIP rules. I added…
-
As suggested in the posts you provided, you will likely need to contact support for a hotfix (if available for Gen7) to resolve the Android CCP issue.
-
Have you tried earlier versions of NetExtender? Anything greater than 8.6.266 is fine for Windows 10.
-
Guessing you have seen this? I wouldn't recommend 8.6.265, 8.6.266 is the earliest I would go to on Win10. Have you tried any 9.x versions? Another thing to try is disabling Windows 10 memory integrity.