MarkD Cybersecurity Overlord ✭✭✭
Comments
-
Add a routing rule via the Policy section/Routing Rules: Source: Any; Destination: Cisco Linksys Network; Service: Any; Nexthop: Standard Route; Interface: X0; Gateway: "the IP address object of the Linksys 10.1.52.100"; Metric: 1
-
Nothing wrong with what you have done, but you've missed the fact that the SonicWall does not know about 10.1.53.0/24. You need to add a route back to that network via the router at 10.1.52.100.
-
Configure the switch with VLAN 10, set the uplink port to switch port mode trunk, set the downlink on your Linksys port to switch port mode access, switchport access vlan 10. The Linksys then doesn't need to understand the VLAN ID; the switch will add this on frames going to the firewall and remove the VLAN ID as it egresses to…
-
P1 and P2 timings are clashing, you've used the "defaults". Change the timings!
-
The IKE SA delete is part of the IPsec protocol. Check your P1 and P2 timings; Phase 1 should be greater than P2 as the P2 is inside the P1 tunnel. Try 28800sec (8Hr) for P1 and 3600sec (1Hr) for P2 on both sides of the VPN.
-
Have you thought about backing up the config, flattening the 3700, bringing it up to 5161 and building the config from scratch? Otherwise you're working backwards. You always have the backup if needed, but it sounds like the configuration isn't too extensive, and you can always extract parts of the config manually.
-
I'm basing this suggestion on how I know the firewall handles TCP/UDP connection timeout - not based on any experience of QuickBooks. Specifically I see this with SIP TLS or SIP UDP. The site is probably all dynamic content - not much you have control over its speed unless you are on a damp piece of string. And keep in…
-
Sounds like the users are not actually doing anything for a while, and with the TCP connection timeout at 15 minutes it will close the session. Create a rule specifically for the destination and alter the TCP timeout; if you do it globally you risk exhausting the resources on the firewall. Increase TCP or UDP connection timeout…
-
The following article provides guidance on using the MS Authenticator application. This is not Entra MFA - that's a whole different bag. Using TOTP (Multi-Factor Authentication) Using Microsoft Authenticator on SonicWall Next Generation Firewalls
-
Ensure your PC firewall has inbound UDP 514 open to receive the syslog messages.
-
Under access rules you can see the statistics of Policies and No. Hits and last hit. If you want to review the Firewall Logs (action drops) through the Monitor/Logs, under device/log/settings import the firewall Action Template; you can also customize the GI Log events in the same place. I would suggest if you want long term…
-
IKE ID? Not matching. What is error code 33 — SonicWall Community
-
IKE ID - I would suggest on the Checkpoint it is based on IP address - as is the SonicWall by default. First try enabling NAT traversal under IPsec VPN advanced. As your firewall is behind a NAT device, the Checkpoint will see the request from the external NATted WAN address but the IKE identifier is the pre-NATted address of…
-
Review the configuration you have put in place on each device.
-
Those entries are detailed in your link - Network access