Quantcast
Channel: Network Security - Recent Threads
Viewing all 531 articles
Browse latest View live

SonicWALL TZ 205 not logging more than a day or so

June 15, 2016, 8:05 am
$
0
0

Hello,

I have little experience with SonicWALL, but I have a client how has a TZ 205. We have been having issues with their internet dropping out. The vendor is blaming the internal network, but I have seen the issue when directly connected to the modem.

What I am facing is that I can only go back about a day or so in the logs to see what else might be going on. Is there a way to have it keep more logs. I am trying to look at the documentation, but I am having some issues.

Also, does anyone know a way to get better bandwidth reporting? The ISP also sited they thought bandwidth was an issue at one point.

Thanks

Search

Odd VPN status problem

June 16, 2016, 9:51 am
$
0
0

Was trying to troubleshoot a VPN problem between an NSA5600 and NSA220 earlier when we noticed that the 220 reported the VPN as down but the 5600 said it was up. Looking further, the 5600 reported one out of three tunnels was up but the counters suggested no traffic was happening. Has anyone else seen this behaviour?

DPD is enabled but "Enable Dead Peer Detection for Idle VPN sessions" is not.

I'm wondering if the fact that the 5600 saw an "up" tunnel prevented the VPN from reestablishing and whether the DPD for idle sessions would have fixed it. If it would, will turning that on cause the existing tunnels to reset?

Sonicwall dropping packets to Androids from Exede satellite service.

June 17, 2016, 12:49 pm
$
0
0

I've been trying for almost two months to find out why my Android devices got slower and slower on the internet until the point they didn't really connect at all.

I've used my new Samsung Tab S2, Galaxy S5, and even pulled out an OLD Motorola Xoom to prove it wasn't an Android update.

I've also tried a TZ170, TZ190 and a new TX300W. I've swapped out the external WiFi access points and switches as well.

I can try an Android then switch to a Windows notebook on the same WiFi. Android fails, Windows works.

If I swap a common WiFi router for the Sonicwall everything works.

Through Packet Capture of everything from/to a single external site I found that the Android packets were slightly larger than the Windows. And that the response from the external site was received by the Sonicwall but for the Androids it was dropped "Invalid TCP Options(#4)" rather than forwarded as it was for the Windows.

Additional: The original TZ170 had not been updated for a long time before the problem developed. Exede claims its not their problem because their modem reports back as everything in the green and that it only effects the Androids.

I can upload the captures (I have all four formats saved) if that will help.

How do I get the Androids to be able to use Exede internet through the Sonicwall again?

Using OSPF on fully meshed L2L VPN

June 17, 2016, 4:25 pm
$
0
0

We have four sites connected to each other (full mesh) over VPN tunnels on NSA devices.  Traffic from any given site can use a VPN tunnel to communicate directly with any other peer on the network. We want to utilize OSPF to redirect traffic when the VPN tunnel between any two sites goes down.

For example, if the VPN between sites A and B goes down we want to redirect the traffic from site A, (destined to Site B) to be diverted to site C and from site C the traffic would then traverse its tunnel to B .

How can we set this up?

On a macbook using RSA can't connect through the VPN

June 21, 2016, 3:34 pm
$
0
0

I heard that SonicWall doesn't have an application for the IOS and I fail to connect to the PPP whenever I try to connect using the built in VPN. Wondering if you guys had any suggestions on how I could connect to my network from my macbook?

create Guest Zone on firewall

June 27, 2016, 10:26 pm
$
0
0

Dear all, 

First, I am sorry for my basic question but I am not a network engineer, 

I am using sonicwall TZ400 and I need to deny internet access to any machine that connected to my network. what's the best way to do so through my device,

I already have proxy solution to have the control for my domain users and it's working fine.

but my issue for the guest computers "all computers or devices that does n't belong to my domain" they can connect to my network and browse the internet directly. I just want to deny that and how to allow in some cases.

any reply or help would be highly appreciated

B regards

How to allow hosts on remote end of VPN tunnel access to the public internet?

June 28, 2016, 8:03 am
$
0
0

Hi all,

I have a TZ105, in a small office environment.  I'm working with AWS resources, and I've set up a VPC on Amazon, with several hosts that only have private IPs.  I've managed to get a VPN tunnel set up between the AWS VPC and my local office using the TZ105.  All that works great, if you're connected to the office network, you can access the remote AWS resourses via the VPN tunnel.

My question is:  How can I allow the remote AWS resources access to the public Internet through the VPN tunnel?  I'm thinking I need a NAT policy, but I've been unsuccessful in creating a policy that does what I want.

Can anyone offer me a clue?

Thanks,

-Mark

SonicWall ProSeries remote user logs

June 29, 2016, 2:02 pm
$
0
0
Hello, I am trying to find our company Dell Sonic Wall log files,
After I log into the firewall, I am opening - Log Monitor and filter to DIsplay the event for the last 30 days, well it is shows only the current day events, but I need the info for the past few months.
The purpose of that is - I just need to find out what specific IP logged remotely through the Firewall on which date and what time.
Please let me know where I can find all that information, will be really appreciated.
Thanks!!!
 
Search

SonicWall ProSeries remote user logs

June 29, 2016, 2:04 pm
$
0
0
I am trying to find our company Dell Sonic Wall log files,
After I log into the firewall, I am opening - Log Monitor and filter to DIsplay the event for the last 30 days, well it is shows only the current day events, but I need the info for the past few months.
The purpose of that is - I just need to find out what specific IP logged remotely through the Firewall on which date and what time.
Please let me know where I can find all that information, will be really appreciated.
Thanks!!!
 

NSA 2400 SSL VPN Tunnel All can't access internet

June 29, 2016, 8:29 pm
$
0
0

Hi all,


My VPN environment a bit complex.
And one of problems make me out of idea what is wrong ....


My environment

X0: 192.168.1.x/255.255.255.0

X1: WAN1 on ISP 1

X3: WAN2 on ISP 2
SSL Server enable WAN SSL
Local User add WAN RemoteAccess
Local User add LAN subnet on route inside the SSL User interface so let them can access LAN resource ...

Local User also following

those official KB setting ...

But, if tunnel all off in SSL VPN, it is fine... but whatever I am make it on, all SSL VPN User can't access internet, plus, can't access all resource include the X0 subnet  too ...


I can't see any log error

So any idea on this?

Thank you

Soniwall lan to lan vpn over wds link

July 1, 2016, 7:40 am
$
0
0

Hi, i have 3 buildings connected with a WDS link. Now i want to place a sonicwall on all 3 buildings.

I want to configure a VPN lan to lan in this configuration. Can i give the sonicwalls on all sides a WAN port with a internal ipadres, lets say 172.16.1.1 and use it as a wan interface. Then use 192.168.100.x as the lan port. Then on another building i would give the sonicwall 172.16.1.2 and as lan 192.168.101.x.

Then i want to make a vpn connection to the wan adress 172.16.1.x address and route over this vpn the subnets 192.168.10x.x .

Can i connect from the one sonicwall to the other in this way? If yes, what default gateway should i give the sonicwall on this 172.x configured WAN ports. I only want to use this ports to make a vpn connection to and route the 192.168.100 subnets.


Hope someone can advice,
Perry

NSA 240: Newest Update 5.9.1.6-5o causes high CPU load

July 4, 2016, 2:05 am
$
0
0

Hi @all,


we installed on the NSA240 the newest Update 5.9.1.6-5o from May 04, 2016. Since this date we see, that the CPU-Load is permanently between 70-90%, but there is not more traffic comparing the situation before the update (5-15%).


Are there any troubleshooting tips to control and manage the CPU for getting a better workbalancing? Actual we got some VPN-tunnels to another location and we notice that these tunnels are not working without problems...


Thanks you,


Torben

Possible UDP Flood attack detected in log

July 5, 2016, 5:30 am
$
0
0

Hi,

My Sonicwall seems to be pausing connectivity during browsing and checking the log there are loads of entries for the UDP attack (count 17888). Annoyingly though its showing nothing for source or destination just Attack destination of 0.0.0.0 - 255.255.255.255.

Is there anything I can check to try and stop these and restore normal service?


Thanks
Jason

Ultrasurf 16

July 6, 2016, 6:42 am
$
0
0

Hey guys. I can't block ultrasurf. Already blocked the category PROXY-ACCESS, created an app-rule to block this category too, but didn't work.
Also called sonicwall support and it was told me that they are working in a solution for this new version of ultrasurf.
Do you know any alternative way to block this?
Thanks

Connect TZ 215 connection to AD server 2012 R2

July 8, 2016, 11:58 am
$
0
0

HI Forums.

I am trying to connect a TZ 215 to AD server 2012r2 + DFL.

I have gone thru a couple of post but they are all outdated.

Can someone please point me in the direction in connecting TZ 215 To AD

I want to set up user groups for different browsing rites (content filtering groups)

Firmware Version: SonicOS Enhanced 5.8.1.14-48o

Please can you have a step by step idiot guide as i know my way around sonic wall but it can get hazy at certain functions.

TX

Darius

Search

Configuring Sonicwalls to use MPLS and VPN

July 10, 2016, 2:53 pm
$
0
0

Here’s my situation.

My company has two sites (soon to be a third) using fiber internet. Both have SonicWalls and a site-to-site VPN linking them. Both sites also have other site-to-site VPNs to our other retail locations.

We now have MPLS between both sites. However, trying to configure each site for been difficult. Our ISP hasn’t been much help.

What we want:
Both sites to keep their current internet connections for accessing the web.
Traffic between the sites to use the MPLS connection. Each site has its own server that users need to access. We also have our VOIP based phone system at one site.
Should the MPLS link die, we want to use the site-to-site VPN as a backup.

Particulars for each site:

Site 1
Sonicwall 2400
192.168.8.0/24
Sonicwall local IP is 192.168.8.1
Adtran MPLS router LAN IP is 192.168.8.7
Server IP is 192.168.8.3
Phone System IP 192.168.8.20

Site 2
Sonicwall 2600
192.168.7.0/24
Sonicwall local IP is 192.168.7.1
Adtran MPLS router LAN IP is 192.168.7.7
Server IP is 192.168.7.8
VOIP phones linked to phone system in site 1

Any help would be most appreciated. [H]

TZ500 limited amount of VLANS

July 13, 2016, 2:00 am
$
0
0

Dear,

I'm looking to switching to Sonicwall for a new project with ~ 100 rooms in one building. Using competition firewalls I was just creating a separate VLAN per room to provide a necessary security for users. But after reading TZ500 specs it turns out there can be only 50 VLANs created. 

Can anyone explain to me from their experience how to solve this problem?

Thanks!

Jacob

SSL VPN clients never time out, even though timeout is configured

July 13, 2016, 6:52 am
$
0
0

We have a TZ215 that's running SonicOS Enhanced 5.8.1.2-6o, and the clients are set for the following:

Default Session Timeout (minutes):   30

However, the VPN sessions are never terminated. One has been connected for 2942 minutes, and the column for Inactivity Time is 30 minutes - it stays on 30 minutes permanently and never tears the connection down.

Is there something I can change in the configuration to force an absolute timeout for the sessions, say after 2 hours the connection terminates even if it is active? I searched for a setting like this but didn't have any luck.

Thanks

GAV blocking Windows Update

July 13, 2016, 5:21 pm
$
0
0

I have several win 10 systems.  Today, on all of them, when doing a windows up date check, it fails to download the Dedinition Update and I get the following in the log.

07/13/2016 20:18:08 - 809 - Security Services - Alert - 64.212.26.252, 80, X1 - - tcp - Gateway Anti-Virus Alert: MalAgent.H_6955 (Trojan) blocked.

 If I disable this in the GAV, windows update works and no error:

MalAgent.H_6955 (Trojan)

anyone else see this?

$$variable$$ on Web Page to Display when Blocking

July 13, 2016, 9:49 pm
$
0
0

Hi,

it is possible to use more variables on Web Page to Display when Blocking?

Default is :

$$BlockedPolicy$$
$$ClientIpAddr$$
$$Category$$

i need to show username which was used for authentication SSO... It is possible ?

Thanks, Martin

Viewing all 531 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>