Quantcast
Channel: SonicWall
Viewing all 2641 articles
Browse latest View live

Can't access resources with SonicWall SSL VPN

October 31, 2018, 2:48 pm
$
0
0

I have watched every video on youtube and searched every possible resource on the net about this. I have an NSA 3600 SonicWall with SSL VPN setup. I can connect succesfully but can't access resources. I can't ping by name or IP. I can't ping the LAN interface of the subnet I'm trying to reach. I have triple and qaudruple checked my settings. I've gone over every video on youtube dealing with this issue and nothing solves this. There are no local firewalls on any machine, source or destination. The strange thing is, when I set this up initially it worked flawlessly. I left it for a couple weeks and came back to it and now it doesn't work. Nothing changed. Its a small company and no one has access to anything to do with network management but me. The logs give no clue. They just show successful connection.

Not sure if anyone can help but...

Search

How do I generate a new HTTPS management cert for a Sonicwall?

October 31, 2018, 5:43 pm
$
0
0

Hi folks.

I have a Sonicwall TZ105 with an HTTPS Management cert that is using the following config:

Certificate Issuer: C = US, ST = California, L = Sunnyvale, O = HTTPS Manage
ment Certificate for SonicWALL (self-signed), OU = HTTPS
Management Certificate for SonicWALL (self-signed), CN
= 192.168.168.168

Subject Distinguished Name: C = US, ST = California, L = Sunnyvale, O = HTTPS Manage
ment Certificate for SonicWALL (self-signed), OU = HTTPS
Management Certificate for SonicWALL (self-signed), CN
= 192.168.168.168

The CN is problematic because it's causing my PCI scan to fail. So I have to generate a new SSL certificate. How do I do this in my Sonciwall? What can I change the CN to?

My current firmware is SonicOS Enhanced 5.9.1.7.

Thanks for your help!

How allow youtube only for one user, Sonicwall?

November 1, 2018, 2:45 pm
$
0
0

Hi guys,
On my Forbidden List I block YouTube to all users, but for labor issues 1 users needs to enter. What can I do for the user to enter?

Sonicwall logs

November 5, 2018, 5:51 am
$
0
0

Hi all

i discovered one of my Nas devices was infected over the weekend.

I'm trying to see if i can track down the source of this via router logs.

First where can i fing a list of devices connected at the time snd date

2nd Is it possible to see a log of what device connected to the nas drive on the router.

I cant see any usefu logs on the nas itself.

We have a sonicwall tz300

migration from Sonicwall NSA 2400MX to NSA 2650

November 6, 2018, 4:00 am
$
0
0

Hi, I know that the above migration is not supported according to Sonicwall resources (https://www.sonicwall.com/en-us/support/knowledge-base/170505258332789)

The question is has anyone tried it anyway? I'm just curious would this work? I know that these may go bad.. but interested in this specific scenario.

If setting up from scratch but in need to retain all settings from the source unit, do you use anything which would help you in the process as any tool to extract and compare settings etc?

SonicWall Netflow (IPFIX) showing external NAT interface as destinations

November 6, 2018, 4:54 am
$
0
0

Hi,

We are sending IPFIX data from several SonicWalls (NSA and TZ models) to PRTG and the destinations from external source addresses are showing as the external X1 NIC's address, not the ultimate internal target, which renders the data fairly useless for identifying who's doing the top talking, etc. Is there some setting - or concept - I am missing or is this just a limitation with Netflow itself or the SonicWall's implementation of it? Thanks.

Sonicwall site to Site VPN to multiple Subnets

November 6, 2018, 9:26 am
$
0
0

Hello,

I have a sonicwall site to site vpn from the 192.168.254.x to the 192.168.10.x network.  This is working perfect.  I also have a second router located on the 192.168.10x network connected to my fiber ring which routes traffic to my other subnets 192.168.2x - 192.168.11x.  the sonicwall will only work with the 192.168.10.x and won't route to the other subnets.  I have tried different routes and adding the other subnets in the address objects with no luck.  I also tried building the VPN as a tunnel interface and setting up routing but I'm missing something.  Any help would be great!

Sonicwall VPN Setup

November 6, 2018, 10:31 am
$
0
0

I am having a tough time with a situation, any input would be greatly appreciated

I have a total of seven sonicwalls, 1-6 are on the same internal scheme, 10.0.0.0/24

I am trying to establish a connection from 1-6 to number 7 with an internal scheme of 192.168.20.0/24

Im not sure what route to take to mitigate overlapping, I have tried NAT but still can get a successful connection. Im using site to site, main mode etc. per sonicwalls walkthrough, I just am not sure how to proceed, should 1-6 and 7 have NAT traversal or just 7? thank you for your time.

Search

UTM throughput moment of excitement...

November 6, 2018, 6:44 pm
$
0
0

I was all excited when the TZ 400 we were testing was hitting 850Mbps in our download testing. Then we noticed there was a licensing error preventing the security services from running. Once that was corrected I couldn't pass 85Mbps.

Hopefully I can get it above 200Mbps tomorrow, but for a brief moment I was very happy.

Set up a c. 2012 Sonicwall TZ105 Wireless-N to emulate a c. 2004 Sonicwall TZ170

November 7, 2018, 7:48 am
$
0
0

Hello,

I have a Sonicwall TZ170 set up currently (see image) w/ VPN connection to a newer TZ105 Wireless-N (like the one I want to replace the TZ170 w/). There are a few changes my Pres. of Ops at this company would like me to enact, namely: make the network printers available from his workstation (logical partition exists at the moment), make the QuickBooks server available from his workstation (ditto), and (since he can only use wireless due to not having a functional Cat5e jack in his office) connect his workstation via W0 port (Wireless Antenna), as his workstation has built-in wifi radio/adapter and since the TZ170 is NOT wifi-capable, he is presently "piggy-backing" our officemate's (diff. company) wifi router and using the subnet that has been partitioned off intentionally for the sole use of our officemate (who pays the ISP and...

Scanning Assets with Inventory manager over Sonicwall site to site VPN

November 7, 2018, 3:24 pm
$
0
0

I have a main office lan that is connected to all remote subnets with a Sonicwall site to site vpn.

I can ping from the main lan to the remote lans and back.

My Bitdefender on a remote machine detected and blocked the port scan from spiceworks invenory manager, so I turned off block port scanning for testing. Now when I try to rescan the machine it just says firewalled. Nothing else. I can ping and ping from this specific machine.

I do have a rule in place in the policy to allow all traffic from the server IP I am using for Spiceworks server, which seems to work fine with all of the local machines on the main lan subnet. But on remote subnets it seems like I get the IP, the name of the PC (most of the time), and that is it. No OS detection or anything like that. I am using a local admin account for these machines when I select "rescan"...

Sonicwall Command-Line Issue

November 8, 2018, 1:32 pm
$
0
0

I've been doing a lot of command-line programming of Sonicwalls lately. The latest generation firmware has a fully functional CLI interface. So, here's the issue....

As per Sonicwall, I should be able to copy and paste 1000 lines at a time into an SSH session or console (serial) connection.

Using Putty, I connect with the serial management cable and copy/paste the CLI instructions. After about 20 lines, lines start getting dropped and then the errors start.

If I connect with SSH, I can copy about twice as many lines, and then the same issue.

I have tried this from a Windows 10 PC and a "clean" Windows 7 PC. By clean, I mean it's a clean install with all the updates and no other software.

It looks to be a buffering problem and I've messed with the port buffering on the PCs, but it make no change in the behavior.

Does anyone out there use...

SonicWall SSL cert expiring

November 8, 2018, 4:29 pm
$
0
0

Here's a stupid question that Google was no help on...

I have an SSL cert for my SonicWall... it's expiring in a week or so... and GoDaddy automatically sent me the new one. I uploaded it into the SonicWall, but noticed that it says "CA" as the cert type instead of "Local" like the old one. Still, I exported and deleted the old cert, and then tried to add the new cert, but it does not show up as an option in the SSL VPN cert drop down menu. 

Question: Do I need to make a new CSR each time the firewall's cert expires? Or is there another way around this?

Thanks all!

SonicWall VPN zone mismatch issue

November 10, 2018, 2:33 am
$
0
0

I’m having a strange issue with any L2TP vpn users, which is that the SonicWall thinks they are on the X1 wan interface rather than the VPN interface, even though it’s picking up an IP from the internal range I setup associated with the VPN interface.

I’ve been trying a few different things like defining the gateway, domain name, tried even changing to use the LDAP server to distribute dhcp but nothing works to get it to switch the interface it comes in on. Not sure why it thinks it’s on the wan interface, any ideas?

Also, what adds another level of strangeness to this scenario is that we recently changed the IP address of our camera server, same subnet just changed last octet to group everything together. So now I can ping and RDP into any device from VPN clients, both L2TP and global vpn clients except for this camera server. I don’t...

Site to Site VPN Vulnerability - Sonicwall to Sonicwall

November 10, 2018, 5:01 pm
$
0
0

We had a vulnerabiltiy scan done and the following vulnerability keeps showing up. The firewall is an NSA220. All VPN tunnels have the exact same settings. 

I’m using : Main Mode, Group 5, AES, SHA256, same config for phase 2 as well. Any help would be greatly appreacited.

500

udp

ISAKMP Allows Weak IPsec Encryption Settings

(blank)

Z
Search

Sonicwall needs to log changes to address objects: Please join my campaign

November 12, 2018, 1:31 pm
$
0
0

Hi, I have brought this topic up with Sonicwall multiple times over the years, and thought I had gained traction a few times, but I need some help. If this makes sense to you, and you have a support account with Sonicwall (and think it's worth 5 minutes), I am begging for your help in my campaign. Please copy and paste the following into a support case for me:

Every compliance framework that I know of requires managing change to access control lists. While use of address objects and address objects in Sonic OS is quite useful and powerful, Sonicwalls do not have a log event for changes to address objects or address object groups, and this lack of logging makes auditing ACL changes nearly impossible. Please add a log event for changes to Address objects and address object groups.

There may already be a request for enhancement logged in...

Switching ISP's with a sonicwall NSA 2400 router

November 13, 2018, 4:30 am
$
0
0

We are switching ISP's and I want to make sure it goes smoothly and not get me caught up all weekend scratching my head.

On the interface settings the X2 port is the WAN port. Would I just need to change the static, dns, gateway etc for the X2 port to accept the new WAN connection and then plug the new modem into it? Or does it make sense to use an unassigned port and set it up basically as a failover and then unplug the X2? 

Would changing the X2 port and switching it out affect other settings? From my understanding I would need to change the information for our various VPN connections but other then that it should be good?

I wouldn't think any of the LAN settings would be affected?

I would really appreciate any advice.

thank you

How to configure vpn in sonicwall router ?

November 13, 2018, 10:15 pm
$
0
0

Fine i am working as it technician in qatar. I am seeking for someone's help bcoz i was unable configure vpn for my company. there is already a sonicwall used in the network for firewall.I do need to install the another router for the accessing erp software using vpn in another site.

can someone briefly guide me how could i go through this process. as everything is done from my side.

hopping for best responces.

thanks!!

Sonicwall Command Logging

November 15, 2018, 2:05 pm
$
0
0

Hello is it possible to log all commands/actions being done when accessing the appliance? I have tried enabling the enahance auditing feature but it does exactly specify what changes or commands have been made.

Add subnets to working sonicwall ptp vpn

November 17, 2018, 6:22 am
$
0
0

We have a working site to site vpn (multiple really) lets say 192.25.15.x/24 to 192.25.16.x/24. Works perfectly. We need to add a set of vlans to a different interface on the sonic at the .16 site. These vlans are created on a cisco switch with addresses of 192.26.16.x/25, /27, and 2 /28. These devices have vlan routing done in the cisco, and they can reach the internet, and the devices on the 192.25.16.x subnet. However, I cannot get the connection from the new vlans to the other site across the vpn.

The cisco switch is connected to the x3 interface and there is a route between them 10.0.0.x/24 on each end.

I have created the routes on the switch and the sonic to get to the new subnets.

I have placed the new subnets into a network group with the other .16 subnet and made sure that new group is defined in the VPN policy and double checked...

Viewing all 2641 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>