AZSNWL

Newbie ✭
Default Avatar

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

AZSNWL Newbie ✭

Badges (1)

First Comment

Comments

  • one more point to add: That LB list is a Top-down priority. If you place X2 above X1 (from the LB group management window) then X2 would be your primary Interface. This can be tested by going to whatismyip.com or check your default route 0.0.0.0. So, if you are adding a new interface, make sure that the primary is on top…
  • That depends on if you want to keep both ISPs for a failover option, or if you intend on having just one ISP? Just one ISP: yes, you can simply update the IP address on the interface to reflect the new connection. The routing rules, Firewall rules, and others should reflect the change when you save it. Keep Both ISPs:(even…
  • There are a lot of variables that come along with this question. But I think you might be able to do this with Match Objects and maybe RegX expressions. Check this out: SonicOS 7 Match Objects - Configuring Email Address Objects - SonicWall Or : SonicOS 7 Match Objects - About Match Objects - SonicWall I would start by…
  • You will want to confirm the WAN IP address. (default X1) Or whatismyip.com The interface should have SSL users check box checked. Interfaces > X1 check that SSLVPN is enabled on WAN Network > SSLVPN > Server Settings > make sure WAN is enabled. If you have a proper cert in place, you will be able to select it on this…
  • The Group WAN VPN is an IPSec based VPN tunnel. Mixing up other VPN clients are tricky as each vendor adds their own functionally. SonicWall has a number of clients, each has a different purpose. It's recommend using one of those for its respected connection type. Link: SonicWall VPN Clients | NetExtender & Mobile Connect…
  • Absolutely. That is one of the best things about SonicWall firewalls. You can program a different network (and Zone) for each interface on the Sonicwall. You can also take advantage of Sub-Interfaces where we can assign VLANs to separate our networks. (this could place a VLAN on XO that can be used for Voice Traffic) Link:…
  • SSL VPN traffic is defined in the SSLVPN zone. You would be able to place an ACL to allow/restrict traffic via an Address Object. "Once the user successfully logs into the VPN he/she is essentially part of the LAN and can access any host on the LAN" --- kinda, Once a user successfully logs in, they would be provided a…
  • Your SSLVPN users may adopt some password restrictions depending on how you authenticate the users. An example would be Active Directory. If your policy says to lock the account after 4 failed attempts, the 5 default attempts don't really come into play. Are the any limits in the TZ400 on how many times this login can be…
  • Ouch, This all sounds painful. Have you considered rebuilding the firewall? - hear me out. I have had odd issues with my configuration that I could not explain, ended up rebuilding it, never had the same issues after. Over time, changes to the configuration along with many versions of firmware updates or even hardware…