Best Of
NetExtender 10.3.1 Will Not Install on latest version of Windows 11 Enterprise
Several new laptops are running Windows 11 and cannot install NetExdender 10.3.1.
I have tried both the 64-bit .exe and the .msi versions of the installer.
When I try to install the .exe as administrator, I get the error "The installation of SonicWall NetExtender has failed, and the process will be rolled back." I select the "Ok" button and it goes away.
When I try to inst all the .msi, I get the error "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." I select the "Ok" button and the installation seems to proceed and finish. I select the "Finish" button and NetExtender launches. However, it says "SonicWall NetExtender Service is not running! Please restart system or contact IT for support." However, after a few seconds, the first line changes to "SonicWall NetExtender Service does respond!"
I have also run the NetExtender Cleaner Tool and rebooted several times. I have changed the permissions on the "C:\Program Files\SonicWall" folder to make sure I have full control. I have searched the registry for SonicWall and NetExtender and deleted all entries.
I am at a loss as to how to correct this problem, and I have remote workers who cannot do many of their tasks.
Any help anyone can provide is appreciated.
Re: BHO.CJQF (Trojan) Alerts
Hey there,
We are seeing hundreds of these false positives over the last two days. Started late night on Feb, 3rd 2025. Pacific Time Zone.
We have tied them to this Windows Update: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.421.1696.0) - Current Channel (Broad)
It's happening at all of our 5 offices and is mostly a nuisance at this point.
This is pretty common for the SonicWall to identify a Windows update as a Trojan or other malicious payload. I wish I new a good place to report them to so SonicWall could push out an update.
The source IPs are resolving to common CDNs and the destination IPs are our Windows workstations and servers.

Adding Employees in Securefirst Partner Portal
Anyone have a clue as to how to add employees/students into the Securefirst Partner portal?
Some documentation/help topics in the portal would be nice.
Re: NSv VM backup in Azure
Following up on PUMA's question - I'm looking to get a backup of this VM - has this issue been resolved?
Same error on Azure Backup:L ExtensionOperationFailedForManagedDisks

Re: SonicOS Firmware 7.1.3 or wait for 8.0?
Don't just cross your fingers, export a good config before updating to 7.1 and plan to import it immediately after.
Many of us waited for 7.0 only to be disappointed for over a year after initial release. I don't see 8.0 going any differently.

Re: SonicOS Firmware 7.1.3 or wait for 8.0?
I asked my Account Manager what the meaning of the last security alert (issued January 29) was. Her take was simple: every 7.0.1 should be running the latest 7.1.3 firmware (unspoken was the need to suffer through any problems) or turn off SSL VPN altogether.
The 8.0 firmware is currently only available with the TZ80. The premise for that [let's put our foot in the water to see what the temperature is] device is an MSP is going to purchase it (for $99) and then invoice the client for the appropriate security services for as long a contract term as they can get (either annually or monthly). There is little to no indication existing Gen 7 devices will - or can - be "upgraded" to enable this firmware; nor is there any hint of other Gen 8 hardware devices on the horizon (but what do i know?).
Purportedly the primary difference between the Gen 7 and 8 firmware is the ability to detect when a subscription has expired to be able to stop those services from running, effectively bricking the appliance. And allowing for resumption of service when the annual or monthly subscription is renewed.
By mid-March, I'm going to venture an update on my office TZ270W from 7.0.1 (with gobs of backups) to 7.1.3 before attempting same with my client devices.

Re: TCP sequence number randomization needs to be disabled for some websites
To expand on Arkwrights reply: Some implementations of firewalls will be more sensitive to things like sequence randomization.
While it's likely part of a published spec, not every manufacturer follows specs, and not every admin keeps firmware / OS / software up to date to meet said specs.
Vent: The internet is the wild west and many don't realize how lucky we all are that its so resilient to all the constant changes. Bless the makers.

Re: SonicPlatform - are you ready?
Late to mid January 2025 and SW had another MSP-centric webinar which included a segment about SonicPlatform.
Thankfully, this MSW replacement is still in BETA mode. It is designed to take the place of all the disparate platforms to present the ultimate SPOG for all SW partners to handle Firewalls, Access Points, Switchs, NSM, CSC, monthly billing, etc.
I spent 30 minutes yesterday evening going through the UI.
My take: It is gonna be another three years before this partner will venture a second look…

Re: SonicWall® Terminal Services Agent 4.0.16
Steph, best of luck with your TSA journey, it seems DC and TSA are the forgotten childs. It's very hard to argue with a customer to deploy such outdated software components.
I had trouble getting it to work with Windows 2022, but I'am not sure at this point if it was TSAs fault.
—Michael@BWC
