So the previous network administrator left without a trace. It took months of digging through files and his company emails to finally get to the point where I feel like I have this network under control, which is great.
There is still just one item I'm trying to figure out. I am in control of his email aliases and SonicWall Alerts that have gotten me out of some binds including finding a loop in the network. But golly, I have no idea where in the web panel those items are configured.
There was a switch that was down at one of our businesses and the switch was named with its exact location which is where I found the loop. Is the SonicWall monitoring specific devices? I haven't been super familiar with SonicWall, but I can't seem to figure out where to configure what devices for it to look out for.
Any help appreciated.
↧
Sonicwall Alerts
↧
why does this network traffic get through?
we have 2 sonicwalls nsa3600 and a 4600
The NSA 3600 WAN port is a direct fiber point to point vpntunnel connection to the 4600
this is how site with 3600 gets internet
syslog on the 3600 shows packets dropped from nestea/teardrop attack from a public IP address
15:30:08 Sep 27 | 1376 | Security Services | Alert | Nestea/Teardrop attack dropped | x.x.92.229, 80, X9 | 192.168.x.x, 60337 | tcp |
The syslogfor the 4600 shows packets from this same IP dropped from GEO filter. with the same private IP address of the WAN interface of other sonicwallas source, and public IP as destination.
12:30:22 Sep 27 | 1199 | Security Services | Geo IP Responder Blocked | Alert | Responder from country blocked: Responder IP:x.x.92.233 Country Name:xxx | 192.168.x.x, 41457, X9 | x.x.92.233 | 443 | zone | tcp |
How does traffic from this public IP...
↧
↧
Get response from local IP before going external, DNS, SonicWall. Different VLAN
Hi
I got some trouble getting the correct response on my LAN. Ive got a DNS on Windows Server 2012, and a Sonicwall NSA 4600. I have many different VLANs set up on the Sonicwall, with ip like 10.40.X.X, 10.11.X.X, 10.9.X.X
Got different users on different VLANS, they have not the same restrictions so they need to be separated though they need to access the same site. The site is the sonicwalls login-page for normal users in LDAP. I dont what the users to use the primary IP of the sonicwall, but a DNS-name who points to the correct gateway of the current VLAN the users are on. How can i to this?
Ive tried to set it up in the DNS as explained here:http://www.tomshardware.co.uk/faq/id-1954333/create-reverse-primary-dns-zone-windows-server-2012.htm...with reverse lookup zones. But that dont work.
The funny thing is that when i try, i get the...
↧
Help! Global VPN client won't install.....
Hi All,
Hoping someone can help. I'm trying to re-install SonicWall Global VPN Client but, I get the following error message.....
UpdateDriverForPlugAndPlayDevices(2) failed - virtual adapter can not be installed.
Error = This operation requires an interactive window station.
path = 'C:\Program Files\SonicWall\Global VPN Client\\SWVNIC\netSWVNIC.inf'
Any help would be very much appreciated.
Regards,
Andrew
↧
Redirect internal webpage
I've got a Sonicwall NSA 2650 and hoping this is achievable.
I need for all traffic at http://server1:8080 to be redirected to http://server2:8080
Is this possible to setup using the Sonicwall? I've found how to do a HTTP redirect but as this is with a different port it doesn't seem to be working. If there is a better way to do this using DNS, hosts files or another method, feel free to let me know too.
↧
↧
Dual WAN VPN Load Balanced to Azure?
We have a SonicWall in our remote office with 2 ISP connections in a Ratio Load Balanced configuration
(X1 at 1% and X2 at 99%).
VPN Failover works correctly to the SonicWall at our main office.
VPN Policy set set to Zone WAN.
We are trying to setup a VPN to Azure in a similar way, but the connection seems to keep switching back and forth every few minutes, causing disruption.
It connects correctly if the VPN Policy is bound to Interface X1 or X2, but then there is no automated failover.
Is it possible to do this with Azure, or do we need to be in a Basic Failover type vs Ratio?
↧
Configure Sonicwall TZ300 open ports 5060 5061
I have a client with a Sonicwall TZ300 that wants to use Cox Edgemarc VOIP phone system. The Edgemarc needs Ports 5060 and 5061 open for SIP registration. I am looking for either step by step instructions or someone experienced in configuring Sonicwall.
↧
Sonicwall NSA reporting
Hi Everyone,
We installed a NSA 2600 at the request of the customer as they already had it, they have a 3Y CGSS license and they are asking to produce monthly reports. Mostly around security (these are all non technical users) and I have been looking at the reporting which seems to require another license and a PC to use, but just wanted to get some feedback as to how you produce reports. Ideally emailed automatically monthly with some nice pie charts / graphs would be ideal.
↧
Download speed drops to 0byte/s once download has been started.
When we download something from any source and from any browser, initially speed stays normal and than gradually goes down to 0bytes/second. It says there for long time and sometime it would start downloading again. We have two ISPs tried both of them for downloading same thing happens in both.
Any idea why is this happening. we are using SonicWall firewall.
↧
↧
SonicWall Content Filter doesn't work properly
Hello, I am having some issue with Sonicwall content filtering. It works properly only when I enable "HTTPS Content Filtering", but it causes other issues. when I enable https content filtering users complain that they can't access most of the sites they regularly use for work purpose. could you please help?
↧
Is it possible to create this scenario of IPsec tunnel?
Is it possible to create this scenario of IPsec tunnel?
I need Site A clients
on LAN 1 to be able to access folders/software on Site B
I need Site A Server on LAN2 to accept RSTP from Site B LAN
I have 2 Sonicwalls TZ 400
Site A:
WAN x.x.x.x
LAN1 192.168.2.0/24
LAN2 92.168.100.0/24
Site B:
WAN y.y.y.y
LAN 192.168.3.0/24
When I try to create 2nd IPsec it says “Found a policy with the same peer gateway WAN. Phase 1 proposal for matching policy might be overwritten. Click OK to proceed or Cancel to change settings”
↧
Sonicwall DHCP not working for custom zone
Sonicwall TZ400. I created a new zone called Guest WIFI and applied it to VLAN 4 on interface X0. The problem is that I'm not getting an IP. If I change the zone of that interface to WLAN I get an IP, so it's an issue somehwere in the access rules.
What must I allow for this guest WIFI?
My intention is to only have this interface access the Internet, but have no access to the LAN zone.
↧
Should I use a wildcard cert on my Sonicwall NSA2600?
Due to new PCI external scan requirements, it appears that I am going to be forced to install a cert. We are a small non-profit organization and have gotten away for several years just using a self-signed cert.
I am really just looking to protect the Sonicwall and the SSLVPN function. We do not have anything behind it on the inside that really needs a cert. I'm scratching my head though... what common name do I use? In a previous life (corporate) I would have just gone for a wildcard cert and been done with it. Not sure I can justify a wildcard...but if that is still the best way to go I can probably scrounge up the cash.
Assuming that I *cannot* get a wildcard:
I created an external DNS entry of "vpn.xxxxxx.org" to make it easy for my users to setup their Netextender without having to remember an IP address...it's a bit easier for them....
↧
↧
Trouble installing GlobalVPN on Windows 10 Home laptop
Okay, tons of years working with Sonicwall. I have installed it on Windows 10 before, but they all have been Pro. I don't think that is the problem.
This is a new laptop for employee and they are setup as Admin with a Microsoft account. In fact, option to get to Local accounts and groups is missing. So I setup a new user as admin and it said it is local. I have installed, or tried to install the 64 bit client (PC is 64bit) with 4 diff versions. Latest was 4.10.2.0428. Earliest versions were 4.7.3.0403.
I know about the other VPN methods and want to fix the GlobalVPN. When it gets to installing the file, I get Error writing to file. The file is dneinst.exe. Pic attached
Defender and McAfee is off. Any thoughts? I run install as admin. Just checking before opening a support ticket.
↧
Assistance with setting up VPN on a TZ100
Hi all,
I need to setup a basic (not SSL) VPN from allowed IP's (My IP and a remote users home IP), to the local network so we can access internal PC's.
I haven't worked on SonicWALL firewalls for a long time so I am very rusty at what I need to do. I remember needing to add Network address objects / Firewall objects, NAT policies and 2 million other settings, but can't remember the exact ins and outs.
Would someone mind assisting with a quick guide?
Thanks
↧
Error: overlap of DHCP entries
First time setting up a subnet that's not 255.255.255.0.
Have an interface in the sonicwall (X6) setup for a subnet with a subnet mask of 255.255.254.0:
When I go to setup the DHCP in the sonicwall it gives me the error of :Error: overlap of DHCP entries.
Shouldn't my usable range be 192.168.0.0 to 192.168.1.255 ?
↧
Trouble setting up Sonicwall Web Mgmt with new cert
I have downloaded a new SSL cert to use on my Sonicwall NSA2600 since our PCI scanning was squawking about using a self-signed cert. In the System/Administration/Web Management Settings the dropdown only gives the choices of "Use Self-Signed Certificate" and "Import Certificate". I've already imported the cert...it was my understanding that the new cert should show up in this dropdown. What am I missing?
↧
↧
Firewall Error
So Now And Then I See This Error in My Tz400W
ecurity Services Capture ATP File Transfer Result Standard Anti-Virus Message String Inform Gateway Anti-Virus Status: Server error. This firewall is sending packets too fast for it to reassemble.. File forwarding to Sandbox truncated for: http://groups.csail.mit.edu/ana/Publications/Understanding_broadband_speed_measurements_bauer_clark_...; 128.30.2.130, 80, X1 192.168.168.222, 20213, X0 tcp groups.csail.mit.edu/ana/Publications/Understanding_broadband_speed_measurements_bauer_clark_lehr_TPRC_2010.pdf N/A
↧
SonicWALL Site-to-Site VPN - rsync Broken Pipe (32) error
We have a site-to-site VPN using (2) SonicWALL NSA 2600's.
When trying to do a rsync between two servers across the s2s VPN, we're getting the following error about a "Broken pipe (32)":
I believe this is a SonicWALL s2s VPN issue (probably a configuration issue) because if I do a rsync locally on the LAN (not s2s VPN), it works perfectly fine. Only when trying to do a rsync across s2s VPN do I get these "Broken pipe" errors.
Do you have any suggestions how to fix this? MTU issue?
The rsync runs for awhile transferring files sometimes for a few minutes, sometimes longer, then randomly gets a "Broken pipe" error and stops. Happens with rsync initiated on either server.
ServerA (10.10.10.124) -- ServerB (10.1.1.127)
NAS1_2.hbk/Config/@Share/@AppShare_NoteStation/16.db.16
25,572,352 100% 606.04kB/s 0:00:41 (xfr#48, ir-chk=1039/1118)
...
↧
NSA 2600 Multiple Public Subnets & Routing Public IP's
Hello,
I already 5 IP's purchased by my ISP 28.X.X.20 - 28.X.X.24
.19 is the WAN default gateway and .20 is our link address that goes into the router.
.21-24 are public IP addresses for our webservers which we have setup and routed correctly.
The issue
We just bought another set of 5 IP addresses 40.X.X.35 - 40.X.X.39 with .34 being the WAN default Gateway.
I have all the NAT policies setup correctly, it's just I can't get our web server 40.X.X.35 to route through our link on 28.X.X.20.
Our ISP says that the plug that goes from their router to ours is enabled with both subnets.
How do I set it up on our end? They mentioned we'd have to pay for static routing on the ISP side to forward IP traffic from 40xxxx to 28xxxxx.
Is there a way where we don't have to setup static routing on the ISP side?
↧