Comments
-
Hello @DDRDiesel, Yes, I agree with @Nevyaditha. You can try the suggestions but please plan a maintenance window to upgrade the firmware as 6.5.0.0 was an initial release. You can either upgrade to our general release branch 6.5.1.5 or the latest maintenance release 6.5.4.6. Thanks!
-
@Kulpie6289, I am sure once they are on separate subnets, things will start working correctly. The end computer might be getting confused and sending some traffic to local and some to the VPN adapter. Once you make the change, let us know the results! Thanks!!
-
@Darshil, What is the drop reason that you see on packet capture? It could be either CFS or App control. When packets are dropped by CFS it tells 'Enforced Content Filter Policy' and 'IDP detection' for App control. Could you please try to perform a packet capture so that we can narrow down which security service might be…
-
Hello @DDRDiesel, Based on the pattern it looks like an IP conflict issue. Could you please check if the local network of the user is overlapping with the IP it receives from VPN adapter or the local network that it is accessing. Also, please make sure that 'All Interface IP' or 'WAN Interface IP' is not added as the VPN…
-
Hello @Kulpie6289, Could you please check if the SSLVPN pool is overlapping with the LAN subnet of the firewall. It is always better to use a subnet that is not physically configured on the firewall. Thanks!
-
Hello @Darshil, Please navigate to MANAGE | Log | Log settings and disabled the log events for App control Detection alerts as below. Also, make sure that the App control Prevention alerts are enabled with log redundancy value set to 0. You should be then able to see the signature that is blocking the update for Google…
-
Hello @SGIT, Yes, you are right. We cannot check this using MAC address and it won't be the same until it reaches the firewall. We have option called End point control available on our dedicated Secure Mobile Access devices with which you can control the devices from which the SSLVPN connection can be made. 'End Point…
-
Hello @JP98S, Thanks for sharing what worked out for you! The IE browser might be useful in such scenarios. You can enable SSL 3.0 under Internet Options and advanced settings. Please restart the browser before testing again. Thanks!
-
Sure, @mrshahin. Let us know how it goes.
-
Hello Michael@BWC , The phishing attempts should also be submitted as false negatives in the same manner. With regards to settings, we need to make sure that LDAP is integrated and DHA is set to Reject invalid addresses. If LDAP is not integrated then users can be manually imported and DHA can be enabled. Thanks!
-
Hello @AINDER, We would need to perform a packet capture for ARP on the firewall to see what might be going on. The only reason that I can think of is, if the traffic from VLAN 10 is not coming with the tag of VLAN ID 10 to the firewall. In that case, the firewall will drop the requests made. Could you please check the…
-
Hi @Doctor_Wizard, As far as I understand, you are trying to perform subnetting of a larger network using the subnet mask field under DHCP server. Unfortunately, by design whether it is a static or dynamic scope we will use the subnet mask assigned on the interface regarding which this specific scope is added. The…
-
Hello @Larry, We are soon going to migrate from CSC-MA 1.7 to NSM 2.0 which is in beta at the moment. That could be the reason we do not have latest docs available under SonicWall tech docs. Please contact your Sales representative if you would like to participate in the NSM 2.0 beta program. You could use the link below…
-
Hello @Setman, I am guessing that you are trying to deploy this Linksys device as an access point behind the firewall. You should connect the WAN port of the Linksys device to either the switch connected on X0, X0 directly or any portshielded port to X0. If you would like to have the wireless devices on a separate network,…
-
Hello Michael@BWC, You are absolutely right. The .eml attachment is the best way to get the data to us preserving all headers which in turn does to our Spam review team. I am not sure if there is a separate procedure for Phishing attempts but I can find that out for you. Thanks!