Firewall Management access rule strugling with little check box.
MitatOnge
All-Knowing Sage ✭✭✭✭
I wonder, What is this check box doing here? I was trying to provide firewall management over X0 IP from another zone.
I wasted hours of my time because of this check box.
Isn't it possible to grant permissions for the Firewall management rules under a single menu? Is it that difficult?
Category: Firewall Management and Analytics
0
Answers
It makes sense to me - the management interface of the firewall should be protected to the fullest extent possible, and having to explicitly enable management on an access rule, in addition to enabling management services on the interface, is a price worth paying.
Although usually enabling management creates the access rules.
I agree some of your sentences but management acl should be under one menu. they should put submenu under the Administrative menu and we able to select which interface accessible for management and which ip can access the management interfaces. that is it.
think about it; we have hundreds of access rules sometimes thousands and how to find and resolve management access problem?
This check box doesn't show any errors on the logs or another places even packet trace menu. Just show policy drop. What is the mean policy drop? which one policy droped? where? like below screenshot.
sonicwall doesn't provide drop code and module id for SonicOS7.
Software engineers must simplify these processes and much more create visibility.
We cannot see the droped connections. which rules block the packets.
Sonicwall developer teams have to and must improve visibilty.
What is the mean policy drop? which one policy droped? where?
That's a very good question, and not even specific to this management issue. Even a UUID of the rule that dropped it would be a start! On calls with Sonicwall support where they themselves have been trying to troubleshoot this, they couldn't give an explanation of why no rule is given in the drop message.