Arkwright All-Knowing Sage ✭✭✭✭
Reactions
Comments
-
I know this is not the answer to your question but I suggest you disable this IPS alert entirely. ICMP echo is not a threat and these events are just noise. If you want to specifically exclude this device: Intrusion Prevention > Signatures > [edit the signature] > Excluded IP Address Range
-
Global VPN Client can do this and is faster than NetExtender.
-
I don't recommend portshielding, as all switching functions are done in software I don't buy it. There is a switch chip between the SOC and the ethernet ports. Everything that can feasibly be offloaded to the switch chip, will be. Even in the unlikely case that it is all done on the CPU, it is not relevant in this case…
-
Add X0 and X8 to the same portshield group. Then you can use either or both in the same network.
-
I've used the migration tool many times to do gen6-gen7 migrations and cannot recall any specific issues caused by the tool.
-
SSLVPN→LAN and LAN→SSLVPN access rule. Do the SSLVPN users have permissions to the LAN? This set per-user and/or per-group.
-
I wish every firmware release got a post from an official rep on here.
-
They are presumably fetching the required URL to do that. You can test this yourself with Web Developer tools in a browser and see what URL is access when you export the logs, for example. I assume they are denied because they're not logged in. But….you really shouldn't be listening on port 80!
-
The logs are timestamped, so watch them whilst connecting a cable. There will be events for link up and address acquired.
-
Ask the new provider if they will buy your old Sonicwalls off you.
-
I think you need to involve the provider and ask them why they are rejecting your login when you are certain that you are using the correct credentials. VLANs are not a requirement of a PPPoE connection, generally speaking. I think if you'd had to configure your laptop NIC with a VLAN before the PPPoE login worked from…
-
I think you're asking about a site-site VPN, but that doesn't require NAT.
-
That sounds like a "specific issue at play in your environment" - it is not normal for a client to entirely lose networking because of a lease renewal. I replicated your test here, 0 pings dropped, even with 10 pings/second. … 64 bytes from 192.168.1.68: icmp_seq=121 ttl=128 time=3.52 ms 64 bytes from 192.168.1.68:…
-
I have never heard of this, and if this happened in general, I think NetExtender would barely be usable [some routers have a stupidly short DHCP lease time, for example]. So there is probably some specific issue at play in your environment.
-
You aren't deleting them from SSLVPN. Users > Local Users & Groups Delete the user. The next time they connect, they will be prompted to enroll MFA.