Comments

• Can you just clarify, does access to the internet from the firewall itself work? I am not sure if you should be able to see anything in ARP entries in a VLAN on PPPoE. TBH I don't think I've seen VLANs-over-PPPoE before. Plenty of it the other way around though.

  in NAT access is not possible with Multiple IP address WAN Comment by Arkwright December 20
• Great stuff, thanks for that, waiting for part 3!

  in Interesting articles on the exposure posed by the SSLVPN vulnerability in SonicWall firewalls Comment by Arkwright December 19
• Come on Larry, it's Christmas 🤣🤣🤣 But seriously, my hope is that it will help anybody who did google it.

  in How to create VLAN for WiFi network in Sonic wall Comment by Arkwright December 13
• in How to create VLAN for WiFi network in Sonic wall Comment by Arkwright December 13
• There is tick box on IPsec VPN tunnels specifically for allowing management. Check it.

  in Can't access management interface of remote TZ270 via VPN Comment by Arkwright December 13
• You could cripple NetExtender settings to stop it being used as a VPN as suggested, and then give users who need VPN access with Global VPN Client.

  in NetExtender disable, SSLVPN/VO Links working? Comment by Arkwright December 12
• The TZ670 is rated for 5.0Gbps without DPI-SSL. That's aggregate throughput when every physical interface is in use [eg 5 WANs and 5 LANs]. Don't expect to see those numbers in real life [real life = 1 LAN and 2 WANs, for example]. I am not 100% clear on what control plane traffic is. I assume using the management…

  in TZ670 - Control Plane Flood Protection Threshold Exceeded Comment by Arkwright December 12
• Check your throughput stats, do you see these events coinciding with peaks in thoughput?

  in TZ670 - Control Plane Flood Protection Threshold Exceeded Comment by Arkwright December 11
• Check the logs.

  in Site To Site VPN Between TZ370 and Trendnet TWG-431BR Comment by Arkwright December 11
• You can override this in /diag.html but I assume there has to be a reason why it gets disabled by default. This is an interesting article [although much is implied rather than explicitly stated] - it suggests to enable PortShield before enabling HA and it will work.…

  in Portshield in High Availability - SonicOS 6.5.4 Comment by Arkwright December 11
• How can I work out if any given connection is inspected? I think I might have an answer but would be grateful if my peers could try to validate this one for me…. Connection Monitor. Change destination port to 80, Flow Type to HTTPS. Every firewall I've checked, this looks like DPI-SSL. Firewalls with DPI-SSL disabled have…

  in Troubleshoot DPI-SSL connections Comment by Arkwright December 6
• Did support give you any specific notes on the hotfix?

  in Speed Test Issues with DPI Enabled on SonicWall NSA 4700 nsa Comment by Arkwright December 5
• Can anyone suggest any tools to help me t/s this? What is the status of the probes in F&LB?

  in NEW 3700: no WAN traffic on ANY interface Comment by Arkwright December 4
• At this point I'm about to do a conversion/restore from the configuration tool and just fix the mess after validating connectivity. That would have been my starting point.

  in NEW 3700: no WAN traffic on ANY interface Comment by Arkwright December 3
• The TZ370 is an upgrade from a TZ300, and the configuration was imported from that (after converting it in the SonicWall online tool) OK, that's a plausible explanation. If you know you have flat network LAN-side then the default gateway setting on the LAN interface is unnecessary.

  in Default Gateway value possibly causing problem with website access? Comment by Arkwright December 2
More Comments