Comments
-
I found a solution by simply deleting the route via NxConnect.bat
-
Hi @TKWITS With the current NetExtender version 10.2.341 we now have a similar case. A domain-joined workstation also establishes a NetExtender connection - I even specify the local DNS server in the SSLVPN settings. As soon as the connection has been established, the local DNS server is no longer accessible. With Route…
-
Michael@BWC If you go by the logic in the manual, it shouldn't be shown on the MC either. But I have less hope that the threat actor doesn't know the MC. That's exactly why it would make sense to hide it everywhere.
-
Hi Michael@BWC On the SMA, the domain list can be hidden on the portal. But the list is displayed again in the Mobile Connect Client. Is this intentional or is it more of a bug?
-
thanks to Frederico on Google-Help: to disabled TLS 1.3 hybridized Kyber support by GPO Updating ADMX files for Edge and Chrome: Computer Configuration > Policies > Administrative Templates > Google > Google Chrome > Enable post-quantum key agreement for TLS > Disabled Computer Configuration > Policies > Administrative…
-
I found the feature in Edge and Chrome: TLS 1.3 hybridized Kyber support But it must not happen that users can bypass DPISSL (or blocking). SonicWall must react quickly to this.
-
@happy_harry I have the same problem with v124 Edge stable. Contentfilter and DPISSL no longer work - regardless of whether normal or incognito
-
Michael@BWC thank you for the fast information. I assume that it will now affect a lot of users and SNWL should provide a solution. Even Draytek has implemented it into the configuration.
-
Hi Michael@BWC the topic seems to be older and I can't find anything on this topic on SNWL. With the new Edge version 124 stable, the content filter and DPISSL are bypassed.Is there a way to block DOH enough so that the content filter and DPISSL work again?
-
Hello, has anyone tested this yet? Actually a great idea. Can TOTP still be used if the Virtual Portal is disabled? Or can no app/device be paired anymore? Thanks
-
Hi, is there anything new on the subject? I'm a bit worried about the info from MS regarding Edge 113. Microsoft recommends that enterprises that have break-and-inspect proxies or other scenarios involving TLS server certificates issued by roots not in the Microsoft CTL to proactively identify and report any compatibility…
-
Hi @leohsu , with the same environment and configuration but on Gen6, there were no issues and lags with 120 users. Even with OTP it went very quickly. Also no increased CPU load on the NSa device.
-
Hi, Unfortunately, we have also experienced (NSa6700 - SonicOS 7.0.1-5080) that the SSLVPN connection is extremely slow for more than 50+ users. It takes even longer if OTP is used. Individual clients with 10.2.331 also take a long time. So we don't yet believe that it will really be faster if all clients have been…
-
Hi All, We have a similar case. Migrated from Gen 6 to Gen 7 (5065) and then updated to 5080. All auto-generated VPN ACLs with adapted destination ports are no longer met. These rules can also no longer be deleted if generation is suppressed. Also the DPISSL exceptions no longer work like it worked before with the CFS…