Hello,
Can I configure VPN (Site-to-site) Failover between two Sonicwall TZ 105?
Thanks.
↧
VPN Failover Tunel TZ 105
↧
sso problems (terminal server)
Hello.
I'm relatively new to Sonicwall. MY config was TZ215 with SonicOS Enhanced 5.9.1.1-39o
My config was this one :
Multiple virtual server, one with SSO agent connected on it and paired with TZ215. User use our PC and TSE session to work on Manufacturing APP.
I experienced a lot of web session problem and i think that user that use 2 ip (local and tse) can cause trouble on classic SSO agent.
Thanks for your help.
↧
↧
Configuring Verizon 4G LTE router with a TZ210
Attempting to connect a Verizon 4G LTE router to a TZ210. It has an ethernet connection that works when I plug in a PC. In theory should work with a Sonicwall. Want to use X6 as a WAN interface. Need to route all LAN (X0) traffic out this interface.
1) Has anyone configured this router or a similar one successfully?
2) Currently have Uverse configured on X1. Would you create a failover or just a routing policy to route all traffic through X6?
↧
Bridging Wireless and PortShield at the same time
I'd like to configure my TZ200W with all the ports wired and wireless (except for X1 of course) to be on the same subnet.
So far I've been able to bridge the wireless to X0, and portshield x3 and x4 to x2, which leaves me with 2 networks.
Is there a way to have x0,x2,x3,x4 and w0 (and if possible w0:v1) on the same network?
I'd be willing to give up w0:v1 if necessary
Thanks
Nu
↧
Various Attacks on Log File
Hello Team;
The log file of my Sonicwall Pro 1260 has been recording some entries which worries me. The entries are specific to Port Scans, TCP FIN Attack, Malformed or unhandled IP packet dropped, Net Spy Attack, Senna Spy Attack but mostly its Port Scans and all are from known IP or either from Remote USers who are using SonicWall VPN.
Is this something I should worry about? How can I go about stopping these attacks and most importantly prevent them in my network.
Thank you for your valuable inputs and time
↧
↧
Two IPv6 DHCPv6 questions/issues
I am once again trying to setup DHCPv6 on my SonicWall. I am running a TZ 600 with SonicOS Enhanced 6.2.4.2-20n.
The first question/issue is that DHCPv6 is not working.
When playing with pfSense for a short time I was able to get DHCPv6 working, it was easy. Enable DHCPv6 and add a dynamic lease scope and bingo I got an address. Then from the list of dynamic leases that had been given out I could click a button and make a static lease scope out of it.
After enableing a DHCPv6 dynamic lease scope with the prefix on my x0 interface I can see the DHCPv6 requests in the packat capture on the SOnicWall as well as from a tcpdump on the Linux system I am doing my testing from but there are no DHCPv6 Responses.
Using the packate captures I was able to get the IAID and DUID and setup a static DHCPv6 lease and it is the same. There is no DHCPv6 responses from the SonicWall.
Any tips/tricks or suggestions on getting this to work.
The second question is can I get a DHCPv6 scope to automatically use a prefix delegation and not have to enter it manually. For now I have taken the prefix that my ISP has delegated to my connection and manually entered it. If possible I would like to have a DHCPv6 lease scope automatically track a PD.
↧
Analyzer synchronizing issue with sonicwall tz210.
Dear All, we have just configured Analyzer 8.0 in windows 7 pro 64-bit o/s. i have a sonicwall UTM TZ210.
i have added it in Analyzer firewall section. its being synchronized successfully first time.
but after sometimes the firewall ip address become empty.
sonicwall firmware version is SonicOS Enhanced 5.9.1.1-39o.
i have tried it many times.
↧
Los dispositivos moviles se desconectan de mi red automaticamente despues de unos segundos.
Buenas tardes, lo siguiente es para comentarles que actualmente tengo una red de invitados (guest) y una red de empleados, en la red de invitados yo creo un usuario y la persona que vaya a ingresar a esta red usa este usuario, pero la red de empleados ingresa a la red autenticandose por directorio activo.
Cuando los funcionarios intentan acceder a la red de empleados desde un equipo portatil o un equipo de escritorio automaticamente se autentican en la red de empleados por SSO y si no, se autentican por portal cautivo pero con las credenciales de directorio activo.
El problema es que cuando se realiza este tipo de conexión desde cualquier dispositivo movil el cual nada mas puede autenticarse desde el portal cautivo, se autentica correctamente, navega correctamente pero al cabo de unos segundos sale el error que se presenta en la imagen y el dispositivo queda desconectado fisicamente de la red.
De momento se descarta los AP y su configuración ya que la red de invitados y empleados se despliega desde los mismos AP y la de invitados funciona correctamente en equipos portatiles o en cualquier dispositivo movil.
Se descartan politicas de firewall y en la investigación que he realizado presiento que el error se encuentra dentro de la configuración de la red de empleados.
Agradezco que me puedan colaborar.
Quedo atento.
↧
Sonicwall TZ-215 how to convert .exp to something readable
Since the Sonicwalls make it very difficult to read their configuration files and they don't have their own conversion tool (not sure why they don't), can someone recommend some options. I have Sonic Reader but it has a bug that I keep hitting so I was hoping for some others.
Thanks,
Mike
↧
↧
historical record of ingress/egress bandwidth on a tz300 firewall?
Hi,
is there anyway short of running a netflow server to get a historical graph or .csv of the aggregate bandwidth in/out of a wan network interface? I'm trying to debug a poor ISP connection and I'd like to have a record of what my firewall thinks is being sent/received. I can see that I can this by running my own netflow server or signing up for one of dell's netmon products, but what I need is so basic I was hoping for a simpler/cheaper solution. I was using a peplink box and it had the graphs right in its management UI was pretty convenient. Thanks!
Cheers, Cos.
↧
How to configure sonicpoint to authenticate RADIUS server over site to site VPN
Hi,
Could you please assist me about how to configure SonicPointN for wireless users to authenticate RADIUS server over Site to Site VPN tunnel?
The RADIUS server is located in the Head Office.
The SoniPointN is located is Remote Office.
Thanks
Anton
↧
Log visited websites on Sonicwall NSA240
I have a Sonicwall NSA240 firewall and want to be able to log visited websites, however when I turn on the Network Traffic category for logging my syslog starts recording thousands of events per minute. A lot of the traffic is generated by sites like liveupdate, and office365, etc. Is there any way to filter our these sites so they don't get recorded in the log?
↧
TZ200 DDNS "Network Error"
It's running firmware version "SonicOS Enhanced 5.9.0.7-17o"
So I've used the Baltimore Cyber Trust root before to fix this problem however I just imported it into one of my TZ200's running "SonicOS Enhanced 5.9.0.7-17o", rebooted and it did not work. Any ideas?
↧
↧
Sonicwall SSLVPN very slow Throughput accessing network files
Good day,
NSA 3600
SonicOS Enhanced 6.2.2.0-12n
When connecting to the sonicwall VPN SSLVPN via netextender accessing network files is very slow. I tried to perform some speed test to copy files from a network share to local drive and getting very slow speeds. This makes working impossible. Without VPN connecting and being on the local network its working fine and fast.
Its so slow to copy files from network servers/accessing network resources.
Thank you
↧
Firefox and Tor Alerts new!!
Anyone noticed that Firefox is now setting off Tor access alerts when users try to go to google? It only happens to google. Just started in the last day - it wont allow you to get to google due to the sonicwall rule on proxy access for tor.
| Application Control Prevention Alert: PROXY-ACCESS Tor -- Client Activity 9, SID: 11169, AppID: 467, CatID: 27 | 192.168.1.27, 59704, X0 | 74.125.29.105, 443, X1 |
| Application Control Prevention Alert: PROXY-ACCESS Tor -- Client Activity 9, SID: 11169, AppID: 467, CatID: 27 | 192.168.1.27, 60090, X0 | 173.194.123.17, 443, X1 |
Again, only with firefox, and only to google, had me panicking incase it was cryptolocker trying to reach out for a key
↧
attempts to access my NSA220 via the cli
| 09:29:49 Oct 08 | 200 | Users | Warning | CLI administrator login denied due to bad credentials | 171.224.198.242 |  | |||
| 09:28:50 Oct 08 | 520 | Users | Inform | CLI administrator logged out | 5.9.18.243 | | |||
| 09:26:49 Oct 08 | 520 | Users | Inform | CLI administrator logged out | 54.148.52.102 | | |||
| 09:22:18 Oct 08 | 520 | Users | Inform | CLI administrator logged out | 62.210.139.41 | | |||
| 09:21:58 Oct 08 | 520 | Users | Inform | CLI administrator logged out |
How can I prevent these attempts which have been continous for weeks.
↧
App Control Advanced categories etc showing down
Hi
Categories not showing. Our TZ500 needs a reboot to get them back.
Clicking on the "View Style" gives "File Not Found" and "Error 404".
SonicOS Enhanced 6.2.4.2-20n
↧
↧
SRA 4600 Routing Issue (Tunnel All Mode)
Curious how on a SRA 4600 tunnel enable mode you allow internet access?
I have read that on the NSA 2400 you just allow the member to the WAN Remote access group can not find similar to SRA 4600
Thank you.
↧
SSLVPN to Site to Site VPN packets being dropped
I have an NSA 240 that I have site to site IPSec connection to clients. I use NetExtender to connect to my network. When I attempt to connect to client devices on the VPN subnet I get a
"DROPPED, Drop Code: 40(Enforced firewall rule), Module Id: 25(network), (Ref.Id: _5562_uyHtJcpfngKrRmv) 0:0)"
in the packet capture. If I do the same access test from a device on the LAN it test fine. I have a firewall rule that allows traffic from SSLVPN to VPN specifically.
INFO:
Base Device:
Model: NSA 240
Firmware : SonicOS Enhanced 5.9.1.1-39o
NetExtender Client:
Client OS: Windows 8.1
NetExtender Version: 7.5.223
Firewall rule:
From------To----Source---------------Dest--------Service-Action
SSLVPN -VPN-SSLVPN IP POOL-Client Net-ANY-----ALLOW
Content Filtering and IPS are currently turned off. I don't believe this is in the firewall rules. However, I can't find it elsewhere either. ANY help would be greatly appreciated.
↧
Tunnel Interface Is Unstable
Hello SonicWALL community. I haven't been able to make progress with this in the support department so I thought I would give posting here a shot. We have a remote office setup with two internet circuits. I have setup two tunnel interface VPNs with manual routes that will disable themselves if they see that the tunnel is down. I did this because I needed more routing flexibility to better utilize bandwidth on the 2nd circuit while allowing for fail over.
The issue is that the VPN on the 2nd circuit is constantly down. I connect to the UI and disable/enable the VPN it comes right up and works. I come back a day later and it is down. Support has been through the config with me and can't seem to find a problem. Any idea why this VPN won't bring itself back up consistently?
Tech info:
Branch firewall: TZ205W, firmware: 5.8.1.15
Main office firewall: NSA 2400, firmware: 5.8.1.15
↧