Best Of
Re: Unable to config physical and logical on Interface probing on TZ570
@lgfamisan go into the settings of your "Defaulf LB Group" and check the tab Probing. If "Probe responder.global.sonicwall.com on all interfaces in this group" is enabled you cannot check per Interface and the option is greyed out.
Just disable that option and do your probing per Interface like you always did.
—Michael@BWC
BWC
Re: Drop packet with no reason.... (or maybe one but i don't which one ;-))
I ran into the same error after 'cleaning' up some NAT Policies:
DROPPED, Drop Code: 734(Packet dropped - drop bounce same link pkt), Module Id: 25(network), (Ref.Id: _2122_jcpfngDqwpegVtchhke) 1:2)
In my case, I had inadvertently removed the protocol in question (examine the packet header information in the packet capture) from the Original Service value of the NAT Policy. Once I added the protocol in question (Service Object) back into the Service Group used in this NAT Policy, my access worked and the drop error ceased.
Firmware 7.1.2 Messed up my config!
Thanks for rushing this update to fix multiple vulnerabilities and not triple checking everything.
One of my site-to-site vpns not longer works.
The address object of my SSLVPN pool was gone!
The routes for my SSLVPN were gone!
It wrote my DNS server backwards!! What! 5.0.168.192
Thanks for ruining my night!
Re: Connecting to CSE Control Center - stuck
Long story short, the issue was that my CSE org was scheduled for deletion on Oct 2nd because my trial keys expired earlier on. On Oct 1st I activated my retail keys for 1 year, but due to a bug the CSE got deleted anyways.
After a long journey with the very helpful Technical Support Team we figured this out, SNWL fixed the issue and I needed to create a new CSE setup, which is not a big deal, because it wasn't in production.
Word of advice, don't let your CSE licenses expire, even if you renew in the notification time period! Don't poke the bear.
—Michael@BWC
BWC
Re: Factory Reset TZ270
you need to do this from safe mode to do it correctly,
make a note of the maintenance key(copy to notepad) from mysonicwall account under your product
enable ssh on the LAN interface, log in with putty and the type safemode and select y
the firewall will reboot on the default 192.168.168.168 address, put in the maintenance key
when in safe mode select factory reset and wait it may take over 10 to 15mins before the pings stop responding and it does the reset
preston
Re: What Order are Security Services Processed in TZ Firewalls
This might be what you're looking for.
—Michael@BWC
BWC
Re: How do endpoint licenses work?
@bzperry I'am located in Germany, the distributor pricelist shows price band 1-24, I googled the SKUs and 5-24 showed up.
I believe 5-24 is outdated, because if I check the catalog on MySonicWall it shows 1-24 as well.
A question probably only SNWL can answer for your geographic location.
—Michael@BWC
BWC
Re: Difficulty upgrading sonicwave 641 firmare
WNM Version: 4.5.1-2 resolves the issue of upgrading firmware on 600 series AP's.
Danny
Re: Port Scan Detected notice - is it blocking them or not?
@JHSD to my knowledge there is Port Scan Detection (!) only and not Prevention. It's just a log entry to let you know someone is up to something, you have to configure your ruleset accordingly.
If you don't like to see these messages, you can disable Port Scan Detection completely on the Internal Settings Page.
--Michael@BWC
BWC