TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
@Terry failover configuration does not affect inbound traffic to a specific IP.
-
A little more detail than SHIPRASAHU93 provided: The way I do this is in the Sonicwall Users\ Settings \ LDAP config \ Users & Groups enable the 'Allow only users listed locally' option. This means you will have to import the users into the Sonicwall Users page before they will be able to login. In Users \ Local Users &…
-
@Terry in your case id use basic failover with pre-emption and probing. Basically you set the faster interface (X2) as the highest in the interface ordering in the load balancing group. Then edit the individual interfaces in the group to enable Logical/probe Monitoring. I always use 'probe succeeds when both primary and…
-
You might have to use an IKEv1 Aggressive policy or switch to IKEv2. Either way your VPN is very insecure with those encryption and authentication settings.
-
In my experience with Ciscos if PRF does not match authentication/integrity the tunnel will never succeed. I doubt Sonicwall has a default PRF; because it is related to the Authentication algorithm Sonicwall probably just uses whatever that setting is 'as its PRF setting'. Hope that helps.
-
I ran into an issue managing Gen6 devices (on 6.5.4.7-83n) with NSM. Just browsing the config in NSM would cause the devices to reboot. Support gave me a hotfix based on the same FW version. Worked on one TZ300, didn't work on another. I have dozen or so firewalls on this version, not NSM managed, that are stable. None in…
-
This is a bit of a loaded question as there are many ways to get the same outcome. You also have provided the bare minimum of information. That being said... Are these servers virtual or physical? Are you using VLANs on your network? Does the webserver need to be accessible from the LAN? Questions aside, Sonicwalls come…
-
Have you looked at the above setting? Anytime I've run into this the above has helped. You may also consider adding exceptions to any security services for the network the IPhones are on.
-
Often times any issue I have with site to site VPN tunnels is from the endpoint I DON'T control.
-
Hope that helps.
-
for clarification, when adding a new VPN connection via the Windows Settings you don't get an option other than Sonicwall PPTP in the VPN provider dropdown?
-
Using a wildcard cert is not a problem. A few things to try would be: Change back to a device generated cert and attempt to connect. NetExtender will complain about the cert, but you can accept it temporarily. Disable client auto-update in the client settings and attempt to connect with a different NetExtender version (at…
-
Assuming you properly segmented your networks via VLAN, a simple way would be to disable the auto-created VLAN to U0 NAT policies for the VLANs that aren't required to have connectivity over LTE. Yes it would break guest wifi and such during a failover event but thats all unnecessary traffic anyway. Otherwise you could use…
-
Based on the information in the above link, I would err on the side of caution and say 8.
-
Are you on the latest firmware release? What do the appliance logs says about the connection? What OS and version are connecting from? What NetExtender version?