Menu

BWC

Cybersecurity Overlord ✭✭✭
Avatar

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

BWC Cybersecurity Overlord ✭✭✭

Badges (27)

5 Year Anniversary250 Answers4 Year Anniversary3 Year Anniversary250 Likes100 Answers100 Helpfuls2 Year Anniversary1,000 Comments50 Answers1 Year Anniversary500 Comments25 Answers100 Likes25 Helpfuls100 CommentsWork Out Loud5 Answers25 LikesFirst Answer10 Comments5 HelpfulsFirst Comment5 LikesPhotogenicName DropperEarly Adopter
See More

Reactions

9 Promote 189 Helpful 415 Like 0 Spam 5 Abuse

Comments

  • I don't know at which point in the Packet Flow the Port Scan detection is executed, but it might before the Access Rules. Did you exported a TSR and searched for the UUID? This will give you the information to what the UUID points to. —Michael@BWC
    in Can SonicWall syslog shows the status of the IP?(blocked or not) Comment by BWC March 31
  • What is the netmask of your X1 interface and are all of the public IPs are within the same subnet? Did you tried the suggested NAT rule, it might be enough already. If not it might be necessary to do a static ARP binding for the additional IP on your X1 interface. There is no need to create additional WAN interfaces.…
    in Dual WAN Dual LAN Comment by BWC March 30
  • @dc500 IMHO, don't waste any time with the onboard certificate management on the Firewall. Get yourself familar with a tool like XCA (https://www.hohnstaedt.de/xca/) and do your Key/Cert Managed in there. You can import/export as you like. It's mostly Drag&Drop from that point on. I'am using it daily and recommend it to…
    in SSL certificate re-issue Comment by BWC March 29
  • @emilward how do the 5 public IPs get assigned to X1? As /28 on X1 or via Routing through an upstream CPE? Either way, it should be sufficient to create a NAT rule to hide X2 behind on of the additional IPs: SRC-Orig: X2 subnet SRC-Translated: Address Object holding one of the 5 IPs, Zone WAN DST-Orig: Any DST-Translated:…
    in Dual WAN Dual LAN Comment by BWC March 29
  • @jst3751 good that there is a HF available, it would be great to know what the underlying issue is and why I don't face it on my appliance for example. But we'll probably never get this information. —Michael@BWC
    in Bug found in 7.1.3-7015: Certificate chosen for mangement Comment by BWC March 24
  • Hi @Bogale thanks for info, but I ticked all the checkmarks for the reasons already. We have a SMA with 2 Cores and 8 GB of RAM, it only happens if I enable one of these two Exchange offloads, all other Portals are not involved and should be a target for a possible DOS as well. Firmware as mentioned is 10.2.1.14. What do…
    in 10.2.1.14 - Freezing after a while (OWA related?) Comment by BWC March 24
  • @David W thanks, I thought we tackled SMA issues in the past, but I guess I confused you with Vijay for some reason, sorry. —Michael@BWC
    in 10.2.1.14 - Freezing after a while (OWA related?) Comment by BWC March 24
  • @Sachingorde I reported my current issue with SonicPlatform to Customer Support in (because it's not product related) and the Ticket got closed somewhat immediately with the remark: We have reviewed your case, and this is best addressed by Technical Support rather than Customer Service. You may provide the serial number in…
    in SonicPlatform - are you ready? Comment by BWC March 24
  • @AKO you might get in touch with support. For my customers I saved the old files in case of a re-deployment. Hopefully the files are available upon request from support, otherwise you're doomed. —Michael@BWC
    in SMA 500v (KVM) - Restart kills Appliance Comment by BWC March 24
  • Well, it comes down to "hey, it's me, the ESA for mail.domain.com and here is the cert to prove it". What the sender is doing with that information is not forseeable, it can be ignored and any cert would have worked or it could be enforced by matching names, validity etc. Using DANE (something ESA isn't capable of) is also…
    in SMTP/TLS certificate usage Comment by BWC March 21
  • @djhurt1 the cert for SMTP is used only on the server side when receiving mails, not involved in the sending part. If you're familar with postfix you might have used the smtpd_tls and smtp_tls directives, which are for receiving and sending, but even in postfix smtp-tls_cert_file for sending is rarely used becuse the…
    in SMTP/TLS certificate usage Comment by BWC March 21
  • @Liêm I'am confused, you're talking about sending mails but the screenshot shows web traffic. To clear things up, are you using some kind of Webmail (OWA) or is it Outlook sending to an Exchange Server? If you're certain that your MTU is correct we can rule that out. Maybe double check with ping to see when it starts to…
    in Block Mail Attachments troubleshoot Comment by BWC March 21
  • I second what @Simon_Weel wrote about the screenshots, not much to see there. If you're able to send mails without attachment (small) but not with attachment (large) it might be related to a MTU issue on your WAN Interface. Make sure the MTU fits to your internet connection, e.g. 1492 for PPPoE etc. This might give you an…
    in Block Mail Attachments troubleshoot Comment by BWC March 20
  • I tried with the embedded firewall connector, but the documentation mentioned Note: Full Tunnel is only supported for Private Edge deployments; it is not supported for Global Edge deployments. Is this information outdated and it should work with linux connector even when Global Edge is in place? I have Connector running as…
    in Tunnel all Comment by BWC March 19
  • I created a Service Tunnel with a single public IP included, but when I crank up the Banyan App on my iPhone(and Windows) it only lists the internal networks in the Tunnel Details, not the public IPs. Any chance that this is related to the following, because it can't be enabled for integrated connectors on the Firewall?…
    in Tunnel all Comment by BWC March 19