Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

Possible TCP Flood on IF

Andy_357Andy_357 Newbie ✭
in Entry Level Firewalls

Hi All,

Need some Help/Advise, I've just started using my Sonicwall's and first job has been to get backup replications working between offices. So I get this alert when the backups run is there any suggestions on how to whitlist subnets/IP's so I don't get the alert on these devices?


Thanks

Category: Entry Level Firewalls
Reply

Answers

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    When you say you get this 'alert', how are you receiving it? Email?

    You can disable email alerting on specific log entries.

  • Andy_357Andy_357 Newbie ✭

    Hi TKWITS,

    Yes I am getting the alert via mail but thats not the issue, I want "Alerts" via mail but what I want is to be able to acknowlage this so the system dosn't see this traffic from host X to host X as possible flood.

    Since I want to know potentually in the future if this is happening during say outside of backup times or from external in or vice verser.

    Thanks

  • ArkwrightArkwright Community Legend ✭✭✭✭✭

    Check Firewall Settings -> Flood Protection and adjust the thresholds to suit.

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    It's either on or off. Yes, you can adjust thresholds but you cannot specify exceptions like 'ignore host 1.1.1.1' or 'ignore between 8pm and 10pm'.

    Whether or not the thresholds correlate to the 'possible flood' log entry im unsure of, since 'possible flood' is a vague statement.

  • ArkwrightArkwright Community Legend ✭✭✭✭✭

    Hmm, could have sworn you could select an address group to include in flood protection settings? Guess not.

Sign In or Register to comment.