Comments
-
All of my non-HA pair units were already on 7.1.2 and it still happened.
-
I thought 7.1.3 would be good to go as well from other posters. I waited a few weeks and saw lots of good reports…. I will add to this thread that upon factory-resetting the devices (and HA-Pairs), restoring the config that was created right before installing the update has seemingly resolved the issues. Just had to be…
-
Apparently these issues affected a TZ670-HA pair, and quite a few TZ400s as well. SonicWall is becoming a cuss word around here…..
-
I typically go to the DPI-SSL page, then go to the tab "Common Name", and then hit "show connection failures". From the list, I can then exclude specific URLs from DPI.
-
It removed some Access Policies and a few Routing policies for us. Some IPSEC tunnels never came back either. Had to rebuild those from scratch.
-
It says 7.1.2 is available now for all Gen7 devices, but the download is nowhere to be found… I was going to be brave and test it out in the lab.
-
Just assign a zone (LAN) to x8, and an IP address, and then assign a zone (WAN) to x9 and set static/DHCP accordingly. BTW, you're never going to see 10gbps throughput, up or down. Yes, it has 10gbps interfaces, but firewall throughput is 5gbps per SonicWall documentation (perfect conditions in a lab setting), and if you…
-
Go to your X0 interface and set it up: You'll still need a connection between your switches, as Ubiquiti doesn't support MLAG, and I don't think the TZs do either.
-
This just keeps getting better and better... The device is registered. absolutely blank/nothing on the License page. Hopefully a reboot fixes this. Users had a great time doing whatever they wanted today. Hopefully they didn't infect anything. I'm so tired of SonicWall's crap. Seems like they hired whoever Quality-Control…
-
Seems SonicWall is slipping...
-
Could the MTU have been the problem? Possibly. MTU mismatch can cause all kinds of anomalies. What should have been the correct size? Depends on what the PMTU test returns as your WAN's MTU on each firewall How does the ignore don't fragment bit affect the tunnel? This shouldn't really affect your tunnel much at all.…
-
I think I finally solved the similar issues I was having by setting Geo-IP to "Per Access Rule" instead of "Global", and then I edited my WAN->WAN access rule and set the Geo-IP Allowed Countries (under the specific rule's Security Settings) to United States. Cut down nearly all of the issues I was having with other…
-
Thanks. Going to try this today.
-
I had allowed countries set under the main Geo-IP settings, and then in my individual rules for incoming services were set to US only. I guess I didn't understand that those individual rule settings I had changed to "custom" instead of "global settings" and set to US did not in fact do anything at all until the main Geo-IP…
-
update: I just switched to per-rule Geo-IP filtering, and added the allowed countries to the LAN->WAN list (and other internal networks). Now my WAN->DMZ rules that have USA only might work. We'll find out!