MarkD Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
If this is for log storage you could try defender for cloud apps and a local collector if you need SIEM to make sense of the noise, MS Sentinel and integrate your MS defender
-
The firewall by design will talk to the internet for its internal service, its not unsolicited its required by the appliance, License management Internal DNS Timesync security services. etc…. To monitor these, use the Monitor/Tools and Monitors/Packet Monitor/ Advanced Monitor Filter Enable this to include firewall…
-
I think clarification of the question needs to be "how large a network" Is there a requirement need to implement security services within the core for traffic or would this to be used to protect specific services within the network that is not externally exposed.
-
There is no difference in the implementation if rules between Gen 6 and Gen 7 TZ - Gen 7 Interfaces are in Zones Gen 7 - is Zones Gen 6 - is Zones I just doesn't say Zones As for rules:- SonicWALL provide a migration tool within the Tools/Migration tool of your my SonicWALL Portal.
-
I mean the address object used in the rule of you laptops IP 172.16.31.200 check that it is in the zone "WLAN" and not LAN and you use this object in the WLAN-WLAN management rules
-
Try changing the P1 and P2 lifetime timers - try 3600 (1 hour) on P1 and 288000 so they dont collide When there is a mismatch, the most common result is that the VPN stops functioning when one site's lifetime expires. The tunnel does not completely rebuild until either the site with an expired lifetime attempts to…
-
The Doc is now quite old but I assume that the idea of the firewall sandwich still applies on the higher end models.
-
I suggest your laptop IP address 171.16.31.200 - isn't in the WLAN zone
-
Hope this solves your issue 😀
-
Set log level to informational - the log will fill up really quickly or send this to syslog/SIEM server for more in-depth analysis If there is something specific you are looking for use the packet monitor to match
-
Do you have GAV enabled, if so temporarily disable and test. Have you reviewed the event logs?
-
Rules are applied to Zones, so it would depend on what zone your W0 interface is in hence my 1st question. Next is management enabled on your W0 interface And is there a rule Zone-ZOEN (IE) WLAN-WLAN management access for your IP 172.16.31.200 as the source or is it just source ANY as in the image?
-
What zone if the W0 interface in WLAN? is management enabled on the interface? is there a rule WLAN-WLAN management access for your IP 172.16.31.200 as the source
-
Nope its not an option, once connected, the external IP is bound into the VPN stack. Use another machine or try VM on the same.