Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Selecting one NAT policy will also select other NAT policy's

Hi,

When I select one NAT policy at the NSA 2700 appliance it will also select other NAT policy's automatically. This results in unwanted deletion of policys. Looks like the policy are dependent or grouped.

Any idea how to prevent this?

Thanks!

Category: Mid Range Firewalls
Reply

Answers

  • BWCBWC Cybersecurity Overlord ✭✭✭

    @Jour which Firmware Release you're currently running? I tested on a TZ 670 with 7.0.1-R5023 on Firefox, I created a NAT Rule, cloned it and changed the Service Port. Then I selected the first NAT rule and hit Delete, the Clone was still there.

    Can you reproduce this and what steps are necessary?

    --Michael@BWC

  • JourJour Newbie ✭

    Hi @BWC

    Thank you for your reply.

    We are running the same firmware version (7.0.1 R5023) as you. When following your steps I am able to create, clone and change the service port of the cloned rule. In that case the two rules are not grouped to each other when I select one of these.

    When I try to change/edit an existing NAT policy it will open another policy. Looks like the NAT policy that opens is one of the policy that's also grouped to the policy that I want to edit.

    Did hope it was a checkbox some where to ungroup the policy's, but maybe it's a bug. I tested the steps also in Firefox to be sure it isn't a browser issue.

    Thanks! Joury

  • BWCBWC Cybersecurity Overlord ✭✭✭

    @Jour I'am not aware of any grouping, but the existing NAT rules you're talking about were created on the NSa 2700 or were they imported from a Gen6 Appliance?

    In the early days of Gen7 (around 7.0-R7xx) I reported a problem that VPN Interfaces with similar names couldn't be properly selected in Network Routes, maybe it's somewhat similar that the rules cannot be distinguished from another. But I can't force to reproduce.

    --Michael@BWC

  • JourJour Newbie ✭

    @BWC , you are right, they were imported from Gen 6 (NSA2600 Appliance).

    The problems that you have seen at network routes in the early days of Gen 7, were they also imported of a Gen 6 appliance?

    Thanks! Joury

  • BWCBWC Cybersecurity Overlord ✭✭✭

    @Jour no the network routes from back in the days were initially created on the Gen7.

    But they are plenty of reports that importing Gen6 configs are messing things up hard, maybe you found a gem yourself.

    Did you already jumped through the Support hoops, I guess it'll come to that.

    --Michael@BWC

  • @Jour , did you use the migration tool? https://migratetool.global.sonicwall.com/

  • JourJour Newbie ✭

    @MasterRoshi , no I didn't. Wasn't aware of this tool.

    But will be very helpful for the SonicWALLs in the future that we want to migrate from G6 to G7.

    Thank you for this helpful tip.

Sign In or Register to comment.