Comments

• SSLVPN → LAN access rules?

  in How to fix not being able to connect to devices on my network after successfully connecting to VPN? Comment by Arkwright January 23
• This is because I also found similar port scan alerts (very few) for foreign servers coming from port 443. This looks like the response from a web server, right? Yes, I see a lot of this - port scans appearing to originate from what is obviously a "destination" port. I don't think SonicOS actually does anything proactive…

  in Real port scans or just responses for client initiated queries? Comment by Arkwright January 23
• Obviously we didnt want to delete or alter any existing rules Is it obvious?

  in Maximum Rule Count on TZ400 sonicwall unit device query? Comment by Arkwright January 22
• "Create more than 7000 rules" is not an actual objective, that's just a side-effect of what you're trying to achieve. So what are you really trying to do? My intuition would be that if you need more than 7000 rules on a TZ400, whatever it is you're doing, you're doing it wrong.

  in Maximum Rule Count on TZ400 sonicwall unit device query? Comment by Arkwright January 21
• Default LAN→WAN rules allow any service, so this will just work. You say "We" are getting it installed, rather than "I am installing it", so questions about configuration details are probably best answered by those doing the work.

  in OpenVPN client behind NSA 4700 Comment by Arkwright January 17
• What are you trying to do? Are you trying to translate the addresses of the traffic traversing the tunnel? Or are you trying to allow the tunnel to connect to/from multiple public IPs?

  in VPN NAT Question - Multiple Public IP address Comment by Arkwright January 17
• Searching the access rules for interfaces names isn't going to give you a full picture. Interfaces belong to Zones, so look at the zone→zone pair of rule-sets you're interested in, eg WAN→LAN, LAN→WAN, etc.

  in Allowing 2 different WAN interfaces to the same LAN interface Comment by Arkwright January 17
• Check WAN>WAN access rules. Enabling management services on WAN interfaces creates rules there automatically.

  in Sign in attempts on port 1443 & Port 22 Showing as Open Comment by Arkwright January 17
• By my current understanding, X1 and X2 should both have access to X0. That is not the out-of-the-box behaviour of WAN→LAN traffic. If that's how it behaves then you've configured it like that. in routing rules, X2 is defined as the gateway for the .200.0 subnet. This way traffic from it can't access the rest of the network…

  in Allowing 2 different WAN interfaces to the same LAN interface Comment by Arkwright January 16
• I assume the firewall is expecting them on 500 and dropping them on 4500, or vice-versa. Are the payload packets inside the tunnel actually being dropped?

  in DROP PACKET IPSEC Comment by Arkwright January 16
• Do you think the traffic should be allowed, or not?

  in DROP PACKET IPSEC Comment by Arkwright January 15
• You don't need to create any route policies in this scenario because all networks are directly connected to the firewall and routes to connected networks are created when the interface is configured. If X2 is a WAN interface then what you probably want is a port forward, as WAN interfaces are usually NATed. Maybe a little…

  in Allowing 2 different WAN interfaces to the same LAN interface Comment by Arkwright January 15
• You could try an explicit route ping probe, explore the options in there.

  in Use Network Monitor to ping across IPSEC vpn Comment by Arkwright January 15
• I don't think access rules on firewall itself will make any difference to firewall sending syslogs out of its own LAN interface. So don't worry about that. You could try a packet capture with Wireshark on your target server. Have you followed this?…

  in Syslog traffic being blocked Comment by Arkwright January 14
• Can you ping it?

  in 192.168.168.168 Comment by Arkwright January 14
More Comments