Best Of

Re: Help

Hi @isaiasants

You can configure as agrasive mode ipsec VPN.
Check below link.

https://www.sonicwall.com/support/knowledge-base/configuring-aggressive-mode-site-to-site-vpn-when-a-site-has-dynamic-wan-public-ip-address/170505565649605/

MitatOnge

Re: Help

@isaiasants,

In order to establish the Ipsec VPN tunnel through 4G modem, You would have to open the following ports from 4G modem to Sonicwall Wan interface; ( Once you open below ports, follow the above KB shared by Mitatonge)

1) IKE (UDP 500): This is the port used for the initial negotiation of the IPsec connection.

2) ESP (IP 50): This is the port used for the Encapsulating Security Payload, which provides the encryption and integrity for the data being sent over the VPN connection.

3) NAT-T (UDP 4500): This is the port used for NAT Traversal, which allows IPsec VPNs to work across networks that use Network Address Translation.

Ajishlal

Re: Getting a bunch of Gateway AV alerts in the last half hour - sig 22097568

@solmssen you have to activate this option in the Internal Settings of your Firewall.

Get into the internal settings (shown below) and activate "Log Virus URI" in the Security Services section. Please don't mess around with the other settings, they are not documented publicly and can cause a lot of trouble.

https://www.sonicwall.com/support/knowledge-base/how-can-i-access-the-internal-settings-of-the-firewall/210715101110437/

--Michael@BWC

BWC

Re: GVC and DHCP

It is basically just so you can direct the DHCP messages to 1 DHCP server if you want to do that. I don't believe you actually need to do that with GVC. The only documentation I can find about it is for site to site VPNs. I wouldn't even bother setting it up. We use SSL VPN and all I did was set up a range of IP addresses and didn't need to establish a DHCP server for them. Hope this helps!

Drew_Schwedland

Re: Configuring Net Extender For Local Printer Access

@headrush

try below. make sure the HP printer is hosted & shared on destroyer (pc name)

net use LPT1 \\DESTROYER\HP718FC4 /persistent:yes

NB: if netbios name is not resolved use that PC IP.

Ajishlal

Re: double restart options

@Enzino78 the mystery is still unsolved, no feedback from SNWL so far. It's a NSa 4700 and up thing, that's all we know so far.

https://community.sonicwall.com/technology-and-support/discussion/4449/sonicos-7-0-1-5080-restart-system-vs-restart-sonicos

--Michael@BWC

BWC

Re: EPRS not working

There was issue earlier but it got now fixed by Dev now. Snippet from my setup :-

Thanks & Regards,

Santosh.

skesarwa

Re: critical alert in SIEM

To expand what JGRIMES said:

What you are seeing is what the IPS engine is reporting as evidenced by the 'description'. Technically, an echo-reply is not an 'attack', the IPS engine is just identifying it as such. You can either configure the Sonicwall IPS feature to not log echo-reply's as attacks, or tell the SIEM to ignore similar reports.

TKWITS

Join the Conversation

Best Of