Quantcast
Channel: SonicWall
Viewing all 2641 articles
Browse latest View live

SonicWall - Resolving DNS

January 3, 2019, 4:57 am
$
0
0

Hi All,

We have a SonicWALL TZ500 which we've configured to allow users VPN access. We're having an issue where the name of the server isn't being resolved to the IP address, simple example - User enters Server1 into the RDC box - no server is found. User enters IP address 192.168.0.2 (Dummy IP) the server is found and the user can connect.

We have configured LDAP and the user accounts are successfully logging in, it's just this final point of resolution. We've read several articles from SonicWALL regarding the setup and it all appears to be ok, however when I check the DNS Server Status there is a yellow light next to it saying that staus is unknown. One thing we have noticed is we do a DNS name lookup within System Diagnostics we have to use the FQDN of the server and this resolves succesffuly. If I try this when conencted to the VPN...

Search

Flappy Site to site VPN Sonicwall

January 3, 2019, 11:29 am
$
0
0

Hi,

I have 2 Sonicwalls connecting 2 sites.  One is Sonicwall TZ500 , the other is Sonicwall TZ200.

The Site to site VPN between the 2 firewalls was fine for  years until recently, it becomes flappy. I checked the log and found these:

IKE SA lifetime expired. 

IKE Initiator: Start Quick Mode (Phase 2). 

IKE negotiation complete. Adding IPSec SA. (Phase 2)

Received IPSec SA delete request

Received IPSec SA delete request

I checked all the VPN parameters like Hash, Authentication, Lifetime, etc. all are the same.

Can you help me why it's flappy?

Thank you!

Sonicwall stopping RDP connection with Encrypted Key Exchange signature

January 4, 2019, 11:54 am
$
0
0

Hi everyone,

Everytime I try to connect to a Windows Server 2016, I am dropped by the firewall with Encrypted Key Exchange signature(7). 

The map problem is as follows: I start a connection, type my user and pass(successfull) and then, when the windows screen would appear, its blocked and after some seconds, it shows an error "internal error" and the RDP screen closes. 

The problem occurs only in windows Server 2016. Others server using Windows Server 2012, the problem does not occurs. 

Any help, it would be very appreciated.

Fernando Dias

Best way to implement ldap & Radius with sonicwalls

January 4, 2019, 1:39 pm
$
0
0

I want  to implement ldap & Radius authentication what will be the best way to get it done  What to expect? how do you authenticate printers and VOIP Phones rules exceptions?.. will be working on this over the weekend so i don't have to worry about down time... 

below is my scenario.. 

1. 5  SonicWall Firewalls, five different location East coast, West coast, MidWest, NorthEast..  connecting to main  location via VPN Tunneling.

2. 1 Domain Controller Server 2012 R2 at Main location.(working on a backup Domain Controller at a different location

3. 1 RDS Server (Planning on moving to SSL VPN within 4 months)

Sonicwall and new modem

January 8, 2019, 12:30 am
$
0
0

So today we had our internet connection upgraded from ADSL and a new modem at one of our smaller sites and now, I cant get any traffic through my Sonicwall TZ100.

Connecting directly to the modem works fine and, I can connect directly to the TZ100.

Talking with the service provider, I'm told it should work without issue.

Unfortunately, what I know about configuring dedicated firewalls and VPN can be written on the side of a stamp.

I know its a long shot but any advise or direction would be greatly appreciated.

Transfert licences VPN

January 8, 2019, 6:28 am
$
0
0


Bonjour, 

Bonjour, 

Nous avons acheté un pack de 5 licences VPN pour notre Sonicwall TZ205w (numéro de série C0EAE4920C80). 

Nous pensons à un TZ300w ou un TZ400w. 

Il est possible de transférer le pack de 5 licences sur le nouveau matériel?

Merci d'avance

SonicWall/Azure Tunnel VPN: IKEv2 Unable to find IKE SA

January 8, 2019, 8:57 am
$
0
0

One of our offices has a TZ400 with the latest SonicOS Enhanced 6.5.2.2-44n firmware on it. Everything has been rock solid until last night. With no changes, and the ISP confirming that there are no issues, the VPN connection started dropping. I can establish a VPN connection to the firewall directly, but the tunnel to Azure drops every minute with a warning of IKEv2 Unable to find IKE SA.

Has anyone run into this issue or have a possible solution? I have recreated the connection, restarted the firewall and modem and nothing seems to work. The connection will last a minute, drop and create a new tunnel over and over and over again.

Alert on app rule trigger

January 8, 2019, 9:48 am
$
0
0

Hi there.

I'm trying to find a way to let SonicWall send me an alert everytime a client on LAN triggers an app rule I made.

I basically made a rule to drop BitTorrent packets, but I still would like an alert. I already can see the traffic with corresponding IP addresses in the event log.

I can't seem to find anywhere how to do that.

Did anyone do this already?

Search

Unable to access to local lan subnet via l2tp - Sonicwall

January 9, 2019, 5:33 pm
$
0
0

Got everything configured, I thought, but I can not access the local lan subnet. I can connect, and access the management interface of the sonicwall, which is on the same subnet as the network i am wanting to reach. I can pull some screenshots, just needing an idea of where to start.

firewall access rule for site to site

January 10, 2019, 8:51 am
$
0
0

I'm trying to create an access rule to a guest network on our sonicwall TZ300

so at present i have a new guest network on interface x3 192.168.29.x

we have a site to site vpn connection set up from site 2 but i can't access the network on X3 from here, i guess i need to add an allow rule here somewhere but am struggling to get the correct settings can anyone help


from - Wan

to - Guest Lan

Source - Any

Service - Any

Destination - Guest Lan

Does using the SonicWall cert for DPI leave your remote users vunerable?

January 11, 2019, 7:11 am
$
0
0

I'm doing some research on SonicWall SSL-DPI.

As I understand it, you install the SonicWall cert as trusted on the client, so the firewall can man in the middle the traffic, removing the original cert and adding it's own.

For a typical desktop that's fine, but what about laptop users that connect to the internet "in the wild"?  Couldn't anyone grab that SonicWall cert and use it to man in the middle their traffic undetected?

Can you buy/create a certificate to use in place of the OEM one to fix the issue?  or ?
(PS not harshing on SonicWall, I would assume everybody's SSL-DPI works this way)

SonicOS 6.5.3.1 HTTPS Content Filtering Option is Gone

January 13, 2019, 5:19 pm
$
0
0

Just programmed up several TZ400s to replace the EOL units. Out of the box all units showed the option for "Enable HTTPS Content Filtering" under Security Services > Content Filter.  Unfortunately, to get the old exp file to import correctly I had to upgrade the firmware on all the TZ400s to the latest version.  After import I noticed the option is now gone on all the walls.

Any insights on a fix?

Thanks in advance.

Sonicwall VPN client Stuck on Acquiring IP

January 14, 2019, 1:13 pm
$
0
0

Hello everyone,

I have a user that is unable to connect to our SonicWall using Global VPN.

After entering the IP address, connection name, and shared passkey the Global VPN hangs on acquiring IP address.

I tested the users profile on another system and it goes through no problem. I also tested another system the user has connected to the same router/modem. It seems to only be the one system. 

I made sure they are on the correct version Global VPN client, tried removing and re-adding the service, and enabling the connection manually through the adapter settings. After we attempt to connect the connection goes from enabled to disabled automatically.

The user also does not have any antivirus software enabled and we tried disabling the firewall.

Any help would be greatly appreciated.

My VPN goes down after 5 seconds

January 14, 2019, 2:44 pm
$
0
0

Hi Everyone, I have been having problems with keeping my VPN connection active. It seems that the sonicwall  is changing the port to the VPN . I have never had that problem before. I was wondering is there a way that I can get it to stop doing that. I have full strength connection wise.

Can't Ping or RDP different site while on Netextender

January 15, 2019, 7:00 am
$
0
0

We have an Sonicwall SMA 400 and NSa4650 firewall. When connected via Netextender we can ping and rdp to our internal LAN 10.1.0.0\23 but we can't ping or rdp our other site(site to site VPN) 10.1.5.0\23 via netextender. I'm quite new to sonicwall appliance and still learning. Any suggestions would be appreciated.

Search

Disabling IPV6 on TZ400

January 15, 2019, 9:57 am
$
0
0

We have several recently deployed Sonicwall TZ400s running 6.5.3.1 running in purely IPV4 environments.

IPV6 has been disabled on all interfaces.

Despite this, the logs are still showing traffic in IPV6.  If I see a suspect entry, I have to go to the entry, pull up the MAC address, and cross that MAC to the static IP assigned.

How can we disable all IPV6 reporting in the logs?

Thanks in advance.

Viewing GEO-IP Logs

January 15, 2019, 10:04 am
$
0
0

Just upgraded to TZ400s at several offices. All are running Sonic OS 6.5.3.1.

In the past, if a site was blocked by GEO-IP blocking, you could see it in the logs and would be shown as:

Alert - Security Services - Responder from country blocked: IP:xxx.xxx.xxx.xxx Country Name:Germany, etc.

Now I can find no reference to the Geo block. This is a HUGE issue in finding out what needs to be unblocked. It's one thing if a user simply goes to a web page that is blocked as that will tell them why they were denied access, but if they're using an app on a tablet or a piece of software that can't reach its destination, there is no way to tell which GEO block prohibited it.

Right now I'm having to do packet captures and look for the offending IP which is often like search for the proverbial needle in the haystack. I hope someone has some insight.

...

Bandwidth Policy

January 15, 2019, 10:25 am
$
0
0

Is the bandwidth policy applied per device or zone? I want to setup a bandwidth policy for one of our vlans, but don't know if that number I enter is applied to per device or is it the whole zone.

Prove that the internet is dropping out?

January 15, 2019, 2:01 pm
$
0
0

How would one prove that the internet is dropping out, even for 2-3 seconds here and there? Could I setup PRTG, watch our Sonicwall and then check for drops in internet connectivity? We are having an issue and we don't know if its the internet or our remote app that we use for our EHR system. The EHR system is cloud hosting and have reached out to them to see if the issue maybe there.

Windows 10 VPN (Sonicwall) registers wrong adapters IP in DNS

January 17, 2019, 8:53 am
$
0
0

Hi all,
Bit of an annoyance I've been pondering the last few days:

Windows 10 clients, Sonicwall Mobile Connect app installed from Store, then VPN connection to our Soincwall firewall configured using Start Settings Network & Internet VPN.
Essentially this is setting up an SSLVPN connection and creates an SSTP WAN Miniport adapter.

From the client side, everything works. They can do DNS lookups of internal resources, split tunneling is fine, etc. etc.

The problem comes with the DNS record that's being registered in our internal DNS servers. When a user is on the VPN, the IP address of their client-side LAN adapter is registered in our internal AD DNS servers. For example:

Our LAN: 10.0.0.0/24
Our VPN IP Pool: 10.0.0.100 to 10.0.0.200
Client is on their home Wifi with IP: 192.168.1.10
They connect to the VPN, and the SSTP adapter gets IP:...

Viewing all 2641 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>