Menu

TKWITS

Community Legend ✭✭✭✭✭
Avatar

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

TKWITS Community Legend ✭✭✭✭✭

Badges (21)

4 Year Anniversary3 Year Anniversary100 Answers1,000 Comments100 Likes2 Year Anniversary50 Answers500 Comments1 Year Anniversary25 Helpfuls25 Answers25 Likes100 Comments5 Helpfuls5 AnswersFirst Answer5 Likes10 CommentsName DropperFirst CommentPhotogenic
See More

Reactions

1 Promote 93 Helpful 164 Like 0 Spam 1 Abuse

Comments

  • What is your failover / load balancing configuration? If you haven't done anything there, configured failover using X1 as the first listed and X5 as the second listed (Manage \ Network \ Failover/LB). Then disconnect X1 and confirm internet failover is functional. If that functions and the VPN tunnel on the other provider…
    in Traffic not routing through VPN Comment by TKWITS January 2021
  • More than likely it is not natively compatible, but would work via the rosetta 'translator' in theory. Hard to say since it is an IOS app. Release notes from November don't indicate it. Of note: https://isapplesiliconready.com/
    in Mac OS - Mobile Connect and Apple M1 Processor Comment by TKWITS January 2021
  • Please provide some configuration and topology information otherwise we won't be able to help.
    in BGP never Comment by TKWITS January 2021
  • See the page link above. From my experience the Cache Add Cleanup drop generally doesn't negatively affect traffic. It is simply cleaning up traffic that has been closed by TCPIP. If you have an issue passing traffic successfully than that is different and we'd need more information about your configuration and topology.
    in Having an issue with traffic going through sonicwall DROPPED, Drop Code: 712 Comment by TKWITS January 2021
  • I do not believe there is a way to globally disable those options for all new access rules. You'd have to change it on the rules individually.
    in change settings when add new access rules Comment by TKWITS January 2021
  • @LJ_Tech You have to submit the support case through mysonicwall.com, browse to Resources & Support \ Support and click Create Case. I had a similar issue with an NSa 3650 where the firewall would reboot itself while handling high volume of SSLVPN traffic. Users would be unable to login to SSLVPN and the WebUI would become…
    in NSA 3600 Memory Leak / Slowdown / Rebooting By Itself... Comment by TKWITS January 2021
  • So just from the logs, the two FQDNs the client is connecting to are global.XXXXX.com and epgukvpn.global.XXXXXX.com. DNS results for global.XXXXXXX.com provide two IP addresses, one in USA the other in UK (as described). DNS results for epgukvpn.global.XXXXXX.com provides only the UK IP address. Is global.XXXXXX.com…
    in Mutiple userrs being routed to VPN appliance in different location Comment by TKWITS January 2021
  • Welcome to the fun of SSL certificates! I'm guessing you created the CSR on the Sonicwall? Since you did that, you won't have access to the private key. If you need to have the private key available to you, you'll have to generate the CSR in OpenSSL or use DigiCerts online tool to extract it. You can also use OpenSSL (or…
    in CSR pending , upload and installation of multi-domain SSL is not working Comment by TKWITS December 2020
  • You'd have to review the GAV/AS, IPS, etc. categories for what is classified as 'low'. IPS especially is sensitive considering it flags echo replies (pings). Don't forget to add exceptions to security services, espcially voice traffic! Clients do not always understand the compromise of security / functionality / speed.
    in Security Services Settings question Comment by TKWITS December 2020
  • @MIS_ShopperWorld Let's break it down. How are the remote locations connected to the corporate office: site to site VPN, fiber, other? What is the IP subnet of the corporate office? Since you do NOT want DHCP coming from the corporate office, do not use IP Helper or DHCP over VPN options. In VPN \ DHCP Over VPN, click the…
    in Using a TZ400 firewall as a local sites DHCP Server. Comment by TKWITS December 2020
  • @MIS_ShopperWorld Sounds to me like you have DHCP over VPN setup for your remote locations, or a IP helper policy directing DHCP requests to your 'corp office' DHCP server. Check settings under VPN \ DHCP over VPN, and Network \ IP Helper. I would recommend against using the TZ400 IP address as a DNS server, all DNS should…
    in Using a TZ400 firewall as a local sites DHCP Server. Comment by TKWITS December 2020
  • Martin, I would NOT recommend importing a config to/from different models. While Sonicwall says this is possbile, I have only ever had bad results. I barely trust importing same model configs. That being said, I would factory reset the TZ350 and set it up with a BASIC configuration to get it functional. Make sure NO…
    in Connection Error / Time recording terminal / VPN Comment by TKWITS November 2020
  • Reading more into this... from the author's own admission this is merely a 'modernized' version of a previous method he developed. I wouldn't exactly call it 'new'. "This attack requires the NAT/firewall to support ALG (Application Level Gateways), which are mandatory for protocols that can use multiple ports (control…
    in NAT slipstreaming - any relevance on SNWL? Comment by TKWITS November 2020
  • @Ninad94 No firewall (or network for that fact) is automatically in compliance with ANY cybersecurity standards. Compliance is a combination of many things including policies and procedures, as well as configurations of all network equipment. You will need to read up on what these standards are asking for to be able to…
    in Cybersecurity Standard Comment by TKWITS November 2020
  • For reference: https://www.sonicwall.com/support/knowledge-base/damaged-version-of-net-extender-error-message-on-windows-10/170707194358278/
    in netExtender adapter fails to install Comment by TKWITS October 2020