Comments

• And from time to time they can break my firewall, good thing I have HA in place otherwise my network would be down… I think that this issue is with the newer version of the firmware 7.1.1

  in Is anyone getting hammered by password spray attacks recently? Comment by César_S April 10
• Exactly the same issue, how they bypass the domain i don't know…I've changed the domain a bunch of times to see if they would be able to pick it, and they picked it all the times. Changing the port is an option, but…its easy to get the new open port.

  in Is there a way to prevent pending logins from taking up VPN connections? Comment by César_S April 8
• Ah, you're using SMA, I'm using a TZ, I don't know if I will have the same options as you do. @mwatson536 you can send me a message with the configuration?

  in Is anyone getting hammered by password spray attacks recently? Comment by César_S April 7
• Hello gentlemen, it just started like 2 weeks ago for me... Enabled MFA Enabled lock IP forever after 3 tries Disabled the virtual portal for the outside But even then they still trying... I even changed the domain to see if it would help...nope it looks like theres some way to bypass that?

  in Is anyone getting hammered by password spray attacks recently? Comment by César_S April 6
• Thank you for letting me know

  in CFS blocking chatGPT Comment by César_S March 15
• That did the trick, thank you very much.

  in CFS blocking chatGPT Comment by César_S February 5
• Here? I'll be honest...that never crossed my mind...

  in CFS blocking chatGPT Comment by César_S February 2
• I have it disabled. The info on the "Enable HTTPS Content Filter" says: "HTTPS Content Filtering HTTPS content filtering is IP based, and will not inspect the URL. While HTTP content filtering can perform redirects to enforce authentication or provide a block page, HTTPS filtered pages will be silently blocked." My guess…

  in CFS blocking chatGPT Comment by César_S February 1
• It does work from outside. Like I said, it doesn't work when i have CFS configured with "Scan HTTPS" enabled. As soon as I turn it off it works ok.

  in CFS blocking chatGPT Comment by César_S February 1
• Forgot to mention that I've looked into the logs and also Packet capture, with no luck...

  in CFS blocking chatGPT Comment by César_S February 1
• @MustafaA ignore my last comment, I just used my head. And it is not working because It is not translating the SSL subnet to the WAN IP, because of the "original/original". And most likely that's why It works when I turn the NAT rule that i've created, because it translates the SSL IPs to the WAN.

  in SSLVPN access to WAN Website Comment by César_S January 9
• It looks like it can't use the default NAT policy route. might be because the priority is at 62 (It is the last policy on my NAT rules) _____________________________________ Default NAT Policy_2 Any Any Any Any Any Original Original Original

  in SSLVPN access to WAN Website Comment by César_S January 9
• Without the NAT rule, the packet is only "Generated", I don't get any dropped packets. I need to enable the NAT rule to start getting "Consumed" packets.

  in SSLVPN access to WAN Website Comment by César_S January 9
• Thank you @MitatOnge.

  in IPSec and ATP Comment by César_S March 2022
• Hello, that was what I just did. And it looks like it is working now. Also, MitatOnge, do you think that it is worth it to have GAV also scanning outbound connections?

  in IPSec and ATP Comment by César_S March 2022
More Comments