Comments
-
Hello again. After testing how to import objects, for example with a simple SSH connection, I think that adding all FQDNs is not the best way to solve Microsoft Office 365... Can I use in some way the App Control Advanced?...BUT not to block....I need to enable certain applications that I see listed in the categories /…
-
Yes TKWITS , I know the full configuration Export/Import. But the idea was only to import export Address Objects. There was some way, importing a json file.....SonicOS API?..... I haven't tried it yet, need to read about it. Did you test it? Thanks.
-
Thanks again Saravanan ! I realised that I was missing some rules, and enabling outgoing traffic to the fqdn(s) Group is doing the job now 👌 Yes, your are right about the Pakcet Monitor, powerful and useful tool. Once I have this test working on a soho device, is any easy way to export/import an Address Group from one…
-
Thanks for your answers TKWITS and Saravanan , I am dealing with FQDN(s) we can see on this Microsoft article: Besides this article, we can run a powershell script to get updated data (urls for our FQDN(s) Objects) in a txt file: Generated File:…
-
Ok Saravanan !!! I will do it. Thanks for your answers.
-
Hello Saravanan , I checked it and I don't have it configured. Some hours later, I can access this web (dind't change anything)... Very strange situation.... Thanks for your answer!!!
-
Hello Ajishlal , same DNS, not dns issue. Thanks RogerMoran . It is a very strange issue... Thanks for your answer.
-
Hello, ok, it was obvious that yes, my new interface (subnet), under Lan zone, comunicates with LAN (X0), but I'm still not receiveing dhcp on my remotes GVC. I have tried the settings suggested by Ajishlal (new subnet, on one free interface, and new dhcp scope that runs ok if I patch directly on its). To test it, I change…
-
Hello Ajishlal _ sorry for this delay and thanks again. One question about your config., I think you told me to set this new subnet under my LAN ZONE, to grant access to my LAN Devices directly from my GVC clients...., Am I right? I guess that my NSA will allow directly communication between new subnet <==> LAN because…
-
Thanks for your reply.
-
Your are right shiprasahu93, but I don't have that licensed in all my devices, and yes, it works fine where it is licensed. So, I sould assume that there is no reliable way to deny an FQDN object via a simple deny rule...shouldn't I? Thanks!
-
Thanks @SWuservpn, just connecting each switch be fed into each of the firewall port. That's correct. "You can use any VLANs above 30 to be safe" = I suppose that with this advice you mean to avoid conflicts with the internal identifiers that the NSA uses, in case I used a trunk port between NSA and a switch. NSA: Starting…
-
Sorry for the delay, Thank you Ajishlal , I will do that about dhcp, as soon as possible!!! Regarding the problem I was commenting on above, we finally had a device (not a pc) that was crazy, claiming all the assigned ip's as if they were its own ... Thanks again for your time.
-
Hello Ajishlal , I haven't. I left 0.0.0.0 there, that is an error I suppose. Now I rollback, because I have another strange problem. Many pcs can't connect in the LAN. A simple ipconfig shows that there is ip conflict (duplicated). I can see that my dhcp is being bombarded by queries rapidly taking up all available…
-
Hello again shiprasahu93 , Thanks for your answers. Global VPN Client Version = 4.10.5.1021 Yes, happening to all users. I will read that KB, and let you know. Thanks!