Quantcast
Channel: SonicWall
Viewing all 2641 articles
Browse latest View live

Got a DMCA notice....can my NSA help me?

March 31, 2020, 6:17 am
$
0
0

So we got our first ever DMCA notice yesterday. It was someone downloading an episode of True Blood at 11PM. A little info on our shop, we are a nursing facility, with 24/7 staff. At the core we have a Sonicwall NSA 2650. Couple wifi networks, one being a Guest network with no password.

With this COVID-19 stuff going on, we have some staff that has been staying up here, so I am 90% sure thats who downloaded the show.

First thing I did was lock down the guest network and kick every user off of it. I would like to eventually open this back up, or implement Guest services where the end user gets a "pass" to be on our network. But I would like to lock it down and prevent further downloads using our Sonicwall. I have been reading up on stuff, and some of the file transfers, illegal sites use 80/443 for transferring.

Any help or direction would...

Search

Cannot add or edit Groups or VPN Access under User Settings for Local Users

March 31, 2020, 7:34 am
$
0
0

I am working on a TZ 500 wireless-AC. I am attempting to create a new user on the Local Users screen. I can select Add, enter the Name, enter the Password, and enter the email address.

When I move to the Groups tab it already has Everyone and Trusted Users in the Member Of column.

When I move to the VPN Access tab there is nothing in the Access List side. I want to add LAN Subnets, so I search for it on the Networks column on the left, but even when selected there is no way to move it. No arrow, no double arrows if I wanted to add everything, double clicking does nothing, it's like it's just in a view only mode even though it clearly shows Configuration at the top right.

To test I went back to the Groups tab and tried to add or remove anything there with no luck either. I then went to some existing users and tried to edit them instead of...

SonicWall Global VPN client ping works only one way

April 2, 2020, 5:42 am
$
0
0

Hi! I have a problem and would like to know if I have a remote computer connecting to a work computer through the Global VPN client, should I be able to ping from the work computer to the remote? I can ping from the remote to the work computer.

Weird issue with TZ205 SSLVPN

April 2, 2020, 11:56 am
$
0
0

Have a client with a TZ205, has had SSLVPN working fine for a while under (1) user. Due to this whole coronapocalypse thing, we've bumped up the license to (2) users. That installed fine, shows licensed as 2. Here's the weird thing...whoever connects first gets normal network access. The second user that connects, gets absolutely nothing. It authenticates the SSLVPN user fine, but you can't ping anything on that network, no RDC works...etc. If both disconnect, then the one that wasn't working reconnects, they get full access, but 2nd user again, gets nothing.

I've checked all the access rules, even compared it to another firewall that we have running that just was bumped up to 12 users (and working 100% fine)...absolutely stumped by this.

A little more info - network is on 192.168.0.xxx, SSLVPN gives out 192.168.0.210-215. Have tried...

I have few questions about VPN, LDAP, licensing and etc.

April 3, 2020, 11:23 am
$
0
0

I have 5 Sonicwall TZ400 and several locations with WIndows Servers 2012, 2012R and 2016

1. I have never done LDAP before and therefor have questions:

2. For users to use their Active Directory login/pass for VPN what should I set up? LDAP?

3. Is using LDAP with VPN and then either remote into server/user computer secure?

4. What kind of licensing is involved in Windows server?Lets say i need to set up each location with 20 remote users

5. Can i continue to use Sonicwall Global VPN Client licenses? (I bought 10 so far) or I need SSL VPN licenses?

This thole thing is pretty new to me because there was no need for it before.

As of now I create users on Sonicwall, give passwords for VPN to users then set up Sonic client on laptop, put the key and then user VPNs and navigates to his folders or remotes into his work computer. So far I just have 9...

NetExtender connects but some (but not all) users can't access network resource

April 3, 2020, 12:14 pm
$
0
0

I have a SonicWall NSA3600 with 20-30 users connecting via SSLVPN. I recently increased the licenses from 29 to 54. I have an odd issue where some users can get connected via SSLVPN via NetExtender, but they can't access any of the local network resources. It doesn't happen to every connected user and in most cases, they were previously able to connect and have complete network functionality. Anyone else had this issue?

LAN Network issue - No internet access

April 4, 2020, 1:37 am
$
0
0

We have connected two networks into a switch from SonicWALL.

1.Sonicwall X0 (DHCP)-------this is for Computers.

2.Sonicwall X2 (StaticIP) ------ For IP phones.

Here the computer will get DHCP from the firewall , IP phones and PBX are configured on static IP mode.

Some we use a single port of switch for IP Phones and Computer (from phone will connect to computer)

We not configured any vlan in switch until now. we are using cisco Sg300 switch (managed) with L2 mode.

The above setup was working fine for the last 4 years. Suddenly we start facing an issue with computer internet access. The computer can't able to communicate with the firewall or internet. But the computer can locally communicate with other local computers in the same network.

Also note, when the issue occurs some computers work fine.

We made a packet capture on...

Local Area Network issue - No internet access

April 4, 2020, 1:37 am
$
0
0

We have connected two networks into a switch from SonicWALL.

1. Sonicwall X0 (DHCP) -------this is for Computers.

2. Sonicwall X2 (StaticIP) ------ For IP phones.

Here the computer will get DHCP from the firewall, IP phones and PBX are configured on static IP mode.

Some we use a single port of switch for IP Phones and Computer (from phone will connect to computer)

We not configured any vlan in switch until now. we are using cisco Sg300 switch (managed) with L2 mode.

The above setup was working fine for the last 4 years. Suddenly we start facing an issue with computer internet access. The computer can't able to communicate with the firewall or internet. But the computer can locally communicate with other local computers in the same network.

Also note, when the issue occurs some computers work fine.

We made a packet capture on...

Search

Question For

April 5, 2020, 5:27 pm
$
0
0

What is the lasted version for the sonic wall tz400w?  Firmware Version  6.5.4.3-34n--HF214614-4n is what i have now.

Unable to connect with any VPN client but can reach sonicwall

April 6, 2020, 8:40 am
$
0
0

I have a single user who is unable to connect to our VPN no matter which client is used (GVC, NetExtender, Mobile Connect). He is able to ping and tracert to the public IP of our firewall as well as access the virtual office web page, so there is connectivity yet none of the VPN clients will connect. I am at a loss here. I've had issue with GVC connecting before but SSL VPN always worked. Any ideas?

Saving Docs over Sonciwall VPN to Windows File Server is VERY SLOW.

April 6, 2020, 9:39 am
$
0
0

HI All.  SonicWall Tech support is a bit swamped it appears, and could use some real help!

At work, server room is: Fiber Connection (1gb/s) and SonicWall (brand new - about 6 months old).   ADS and File Server.  We use O365 so email is in the cloud.

Workers are using VPN through Sonicwall Global VPN Client.  We can download and upload files very fast over VPN.  The problem is when we are opening excel, etc - and saving.  It can take 3 minutes to save a 4MB file (which seems about average size for us).  Everyone typically has very fast at home.

Any help is SO appreciated!  Thanks! 

Sonicwall match object "blank"

April 6, 2020, 9:59 am
$
0
0

Does anyone know is there a way to create a match object that equals "blank"?

Specifically, I want to create a match object for field "HTTP User Agent" with a value of "blank" which means if there is no data in the User-Agent field then it matches.

Zones, Interfaces & Security Services Application

April 8, 2020, 6:07 am
$
0
0

A TZ300P has a SonicWave access point connected to X4. X4 is a member of the WLAN zone. The WLAN zone has security services enabled. X0 is connected to a network switch providing access to the LAN, and X0 is a member of the LAN zone also with security services enabled.

X4 is the parent interface to the V1 & V2 virtual interfaces. X4:V1 is a member of the Staff_WLAN zone. X4:V2 is a member of the Guest_WLAN zone. Staff_WLAN & Guest_WLAN DO NOT have any security services enabled. Staff_WLAN is Bridged to X0. Guest_WLAN is WAN internet access only.
Question 1: Is data traversing the Staff_WLAN & Guest_WLAN zones scrutinized by security services enabled on the WLAN zone because X4 is the parent interface to V1 & V2?
Question 2: With the setup described above, data traveling from Staff_WLAN to LAN is scrutinized by security services on the LAN...

Softros LAN Messenger not fully functional over SonicWall SSL VPN

April 9, 2020, 6:13 am
$
0
0

We have a SonicWall NSA 220 configured with the primary LAN subnet, plus 3 additional subnets for our branch offices.   Our Softros LAN Messenger works fine from SSL VPN-connected users to primary LAN users.   Users on the 3 other subnets can successfully message with SSL VPN-connected users, but their icons display "offline" status, and Remote Desktop and emoji functionality are not working.  I have created bi-directional firewall rules allowing  Softros traffic, as well as RDP (terminal services).    Also, the remote user cannot PING users on the branch subnets.   Any suggestions would be appreciated.   Thank you!

Sonicwall One Time Passwords Using SMS with Domain Authentication

April 9, 2020, 10:35 am
$
0
0

We have users connecting via Sonicwall SSL VLN clients. They are authenticated using LDAP through our domain. Currently when I enable One Time Passwords for the group of users, it sends them an email with the code....however, these users are not allowed to have email on their phone or webmail access, so they cannot access the one time password. I have read how to send one time passwords as an SMS, but only if each user is setup individually (locally) on the Sonicwall. I can't seem to figure out how to do it when they are domain users.

Any help would be greatly appreciated.

Search

SonicWall VPN Inbound VPN IP shows as public IP

April 12, 2020, 3:28 pm
$
0
0

Hi all. 

We have setup a VPN tunnel to Azure with our Sonicwall TZ300 SonicOS Enhanced 6.2.5.1. All works great. 

However, some services like Citrix fail to register. On a simple ping we see that source address is the public IP on the SonicWall not the actuall ip of Azure. 

Basically our Azure is 172.168.1.x  ---- > Public IP 185.85.x.x ------> Local 192.168.1.x

From local to Azure the source address shows as expected. But as mention from Azure to local the source appeards to be the Public IP. 

I am sure you experts know why, probably bad config. Could you advise if this can be fixed?

Many thanks. 

Dan

Not able to connect Global VPN Client on SonicWall

April 15, 2020, 12:59 am
$
0
0

Hi Team, recently, I got a new requirement to configure Global VPN Client on SonicWall Firewall. I follow the guide explained, https://www.gns3network.com/how-to-configure-global-vpn-client-on-sonicwall-firewall/. to configure Global VPN Client.

I also follow SonicWall Official KB article, However, still not able to connect to the Global VPN Client.

The Global VPN Client logs are showing like: 

Text
Starting ISAKMP phase 1 negotiation.
An error occurred.
The peer is not responding to phase 1 ISAKMP requests.
Starting ISAKMP phase 1 negotiation.

SonicWall NetExtender Inactivity Timeout

April 16, 2020, 2:38 am
$
0
0

I am trying to configure an inactivity timeout of 15 minutes for SSL-VPN Users that connect to our VPN using NetExtender. As far as I can tell, it is configured properly,

  • Users Settings User Sessions Inactivity Timeout (minutes): 15
  • SSL VPN Server Settings Inactivity Timeout (minutes):15

However, users are never disconnecting due to inactivity. Oddly enough, their "Inactivity Time" that is displayed in the SSL-VPN Sessions monitor shows 0 minutes for every user. I know with 100% certainty that information is inaccurate, because one of those connections is my personal laptop, which is simply sitting on my desk at home with the lock screen showing.

Does anyone know what I may have overlooked in the configuration? Or is this something that is 'just broken' and I need to deal with?

SonicWALL - Cannot Connect With VPN Clients Through SonicWALL

April 20, 2020, 11:53 am
$
0
0

I have a SonicWALL SOHO with a Site to Site VPN to my office.  That works fine.  However, I cannot connect with VPN clients to other VPN devices.  I try the SonicWALL GVC to a SonicWALL and I've tried native VPN clients (Mac and iPhone) to connect to a Meraki VPN.  Both use port 500 and both time out.  When I do a packet monitor packet capture, the UDP port 500 traffic is being consumed by the SonicWALL.  Any ideas?

Text
Ethernet Header
 Ether Type: IP(0x800), Src=[ss:ss:ss:ss:ss:ss], Dst=[dd:dd:dd:dd:dd:dd]
IP Packet Header
 IP Type: UDP(0x11), Src=[###.###.###.###], Dst=[###.###.###.###]
UDP Packet Header
 Src=[44153], Dst=[500], Checksum=0xea40, Message Length=796 bytes
Application Header
 IKE: 
Value:[0]
Consumed, Module Id:47 1:1)

Where in Log setting i can find this message about LDAP and TLS

April 20, 2020, 5:28 pm
$
0
0

my SonicWALL 3600 6.5OS is sending me this email 3 times every min

04/20/2020 20:25:16 - 1010 - Users - Alert - Using LDAP without TLS - highly insecure

where in LOG settings can I find where is the message come from? thanks.


Viewing all 2641 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>