Comments
-
DPI-SSL is becoming a no-no for more and more sites. As long as a browser does a one-way check (i.e. the client checks the validity of a certificate and is served up the certificate of the firewall, so it thinks it's ok) then it works fine. But more and more sites do a cross-check, where the remote site 'asks' the browser…
-
I see that too. My guess is there are some IP-ranges tied to the wrong country in the firewall.
-
Why yes - posted about this a couple of months ago: Access Rule to block MAC-adress — SonicWall Community Created a rule to block the MAC-address, but that doesn't seem to do anything. I think because the packets are already dropped before any other rules come into action. Anyway - I configured the log to skip the…
-
I am running my vulnerability scanner software Might I ask what software you are using for those scans?
-
If I try to increase the value beyond 10240 (10 MB) it presents an error. This is indeed a problem - we frequently transfer files a lot bigger and a surely would like them to be examined by Capture ATP….
-
That's why I changed it: Stil the log is flooded with these events. So again - is there a rule that drops these packets before it reaches the Access Rules or did I make a mistake in my blocking rule?
-
Ok, but it still doesn't answer my question - is there a rule that drops these packets before it reaches the Access Rules or did I make a mistake in my blocking rule?
-
Doesn't seem the default gateway? Why would it change it's IP-address and destination port all the time? Another screenshot of the System Log: Destination address 213.124.92.22 is our WAN IP address. Notice the different source IP-addresses - they all have the same MAC address and vendor (Nokia). There are hundreds of…
-
I thought we were waiting for a stable 7.1 release?
-
I'm not sure exactly how certificates work, but I think it's either one-way or two-way. Correct me if I'm wrong. With the one-way method, the client checks if the certificate is valid. If ok, then connect. With the two-way method, the client checks if the certificate is valid and then the remote site checks the clients…
-
Maybe a Content Delivery Network (CDN)-thing? Those big sites use numerous CDN's so when you visit Ebay, the browser gets it's data from CDN 'A' and the next time from CDN 'B'. And if that CDN happens to be blocked, for example by Geo-IP, then it won't load.
-
Just received an e-mail for firmware version 7.1.1-7047. Which seems to be a tiny update, looking at the previous version number 7.1.1-7040. Release notes don't list any resolved issue compared to the previous one?
-
The latest firmware is SonicOS 7.0.1-5145 and no, not all known issues are fixed. See the release notes.
-
And what error might that be?
-
by setting Geo-IP to "Per Access Rule" instead of "Global" Ok, this setting is on the page Security Settings - Geo-IP Filter tab Settings. There you can set Block connections to/from countries selected in the Countries tab and select either All Connections or Firewall Rule-based Connections. I've got mine set as All…