Comments
-
Go to your X0 interface and set it up: You'll still need a connection between your switches, as Ubiquiti doesn't support MLAG, and I don't think the TZs do either.
-
This just keeps getting better and better... The device is registered. absolutely blank/nothing on the License page. Hopefully a reboot fixes this. Users had a great time doing whatever they wanted today. Hopefully they didn't infect anything. I'm so tired of SonicWall's crap. Seems like they hired whoever Quality-Control…
-
Seems SonicWall is slipping...
-
Could the MTU have been the problem? Possibly. MTU mismatch can cause all kinds of anomalies. What should have been the correct size? Depends on what the PMTU test returns as your WAN's MTU on each firewall How does the ignore don't fragment bit affect the tunnel? This shouldn't really affect your tunnel much at all.…
-
I think I finally solved the similar issues I was having by setting Geo-IP to "Per Access Rule" instead of "Global", and then I edited my WAN->WAN access rule and set the Geo-IP Allowed Countries (under the specific rule's Security Settings) to United States. Cut down nearly all of the issues I was having with other…
-
Thanks. Going to try this today.
-
I had allowed countries set under the main Geo-IP settings, and then in my individual rules for incoming services were set to US only. I guess I didn't understand that those individual rule settings I had changed to "custom" instead of "global settings" and set to US did not in fact do anything at all until the main Geo-IP…
-
update: I just switched to per-rule Geo-IP filtering, and added the allowed countries to the LAN->WAN list (and other internal networks). Now my WAN->DMZ rules that have USA only might work. We'll find out!
-
Bumping this up as it appears it is still happening. Access rule has USA as only listed allowed country, but getting hammered from UK, Canada, France, and more... When I look up the IPs in Diganostics sub-tab of Geo-IP settings, each country seemingly is correct, aligned with a lookup on arin.net Now on version SonicOS…
-
depends on: -speed of your internet pipe at each location -QoS settings -amount of users at each location -security services used at each location/on each firewall (all of the above come into play for each firewall's load) I don't think I've tested from a TZ to TZ in a long time, but with 1gbps/1gpbs DIA fiber at all…
-
What are your UDP timeout settings? You might need to increase those. Any insight as to what PBX & endpoint you're working with? That may help.
-
Do you have mDNS enabled between the vLANs? I don't know for sure if it's even possible with both of them being in the same zone. You may need to have one of those vLANs set to something different (even if trusted equally/same settings are used)
-
did you create a rule to allow LAN->SSLVPN ?
-
@CROVERT This will be the case for ALL Windows software that's not meant for ARM CPUs, or "Windows RT". Basically, if it doesn't come from the Microsoft Store, it won't work in your Mac-hosted VM. My suggestion would be to use a Windows laptop instead of the Macbook if you need to run Windows Applications, or carry two…
-
For "disable group VPN management", disable HTTPS/HTTP/SNMP management for the "WANGroupVPN" under Network/IPSecVPN/WANGroupVPN. You may also need to do that for "WLANGroupVPN" Unless it means to completely disable GroupVPN, which in that case- migrate any VPN users to SSLVPN and disable it with the switch on the IPSEC…