MarkD Cybersecurity Overlord ✭✭✭
Comments
-
IKE id - I would suggest on the Checkpoint is based on IP address - as is the Sonicwall by default. First try enabling NAT traversal under IPSEC VPN advanced. As your firewall is behind a NAT device, the checkpoint will see the request from the external Natted WAN address but the IKE identifier is the pre-natted address of…
-
Review the configuration you have put in place on each device.
-
Those entries are detailed in your link - Network access
-
Sounds like you were taking advantage of a quirk in the WatchGuard VPN stack which bound to one interface. If GVPN functions as NetExtender does: NetExtender also adds routes for the local networks of all connected Network Connections. These routes are configured with higher metrics than any existing routes to force traffic…
-
Multiple IP ranges work fine for Inbound and Outbound: Configuring Multiple WAN subnets using static ARP with SonicOS Enhanced | SonicWall. The ISP's upstream router needs to be configured to forward this address range directly to your X1 Primary IP WAN address. Create WAN address objects for your new host IP on that WAN…
-
The internal log storage is limited, you could set up a syslog server (something like Kiwi syslog) on another machine and send the logs for further analysis.
-
A network object for your X3 WAN interface (it should already be there). Create an address object for the LAN devices you want to use this X3. Create a NAT policy, ie org source LAN-OBJECT translated source X3-OBJECT - dest original original. Create a route policy LAN-OBJECT destination any outgoing interface X3. You may need…
-
You can't set those, the flags are within TCP stack for your device, as the source port is 513 this appears to be the Rlogin service - I'm assuming on your Solaris box (although it does not show the source IP)
-
XMAS tree attack is referring to the TCP flags that are set in the Notes Field. In this instance four of the possible 6 flags are set (URG, ACK, PSH, FIN) simultaneously.
-
I wouldn't suggest bridging the WAN to LAN through this device, you will compromise the security. Is there a reason for it to be seen as a LAN address and not its external? You could try creating the address objects 192.168.1.14 Zone LAN, object 10.1.10.100 WAN, add a NAT policy original source 192.168.1.0/24 original…
-
In the device/log/settings - import the firewall action; the logs should then show the action against the firewall rules.
-
The device should be accessible on the external IP address 10.1.10.100 from internal devices 192.168.1.0/24 for outbound traffic. The web server's MAC address should also be visible in the ARP table on the X1 interface. What is this? Static 192.168.1.14 (set this IP address to connect to X1 LAN's Web Server IP 10.1.10.100…
-
Check that you have bidirectional port matching enabled on the packet monitor; if so, the server you are trying to connect to is not responding. You send the TCP SYN to start the 3 way handshake but nothing is shown coming back.
-
There is definitely information in the release notes for 12.4. Supported Firmware Levels: Client systems running version 12.4 client software can be used with SonicWall SMA appliances running one of the following firmware versions: 12.4.0 + latest hotfixes -> 12.4.1 12.1.0 + latest hotfixes -> 12.4.1 12.3.0 + latest hotfixes…
-
I think you will encounter an error when trying to use the same encryption domains/ destination/ interesting traffic - whatever terminology you are familiar with. "IPsec Name: Address object XXX overlaps in XXX Network policy". On an IKE V1 IPSEC site-site VPN you have the option for a primary and secondary Endpoint. If you…