MitatOnge Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
hello @Manoj , Can you clearfy network topology with viso design ? If I'm not mistake. You have LL router and there are 2 interfaces and behind the router located sonicwall fw? <--Wan IP 1.x.x.x/30 eth0 -->LL ROUTER<-- Lan ip eth1 1xx.xx.xx.xx0/29 to 1xx.xx.xx.xx4/29 --> <--X1 Sonciwall FW X0 --> 192.xxx.x.xx0 to…
-
You don't need to create access rule for printers. just you should create ip helper service for printer discovery broadcast service
-
Generally, I use local web service for url and ip lists. I pull the list from cloud to my local web server and set the firewalls botnet setting for local web server. there is no other way for this situation. you can create a script for pull the url and ip list.
-
you should check the ip conflict with sonicwall gui ip.
-
You can share printer connection ports but you cannot find and access via the bonjour or other printer broadcast services with scanning. if you know the printer ip after the created access rule for printer ports. you can directly connect via windows printer add tools with ip. do you want to see with scanning you have to…
-
some of logs are creating by the sonicwall security services. these are increasing your cpu. You should check the services. may be access rules create log bottleneck or security services create a lot of logs. generally cpu0 assigned and responsible for vpn, logs, dhcp and management ui. you should check step by step these…
-
can you try divide the file as url and ip ?
-
Forticlient and other brands client does not support sonicwall client to site vpn settings. just you can use another client for lt2p vpn on sonicwall
-
Hello @khseo You should check log settings and convert to debug to inform log config. and remove logging setting temporarily for all access rules
-
You should use ip helper for printer broadcast services. generaly pritner uses 9100 TCP AND UDP . but you have to check with wireshark or printer brand books. some case kb: sample another service ip helper config:
-
dynamic and botnet are not same. dynmaic has limits of the device capacity. create a text file in the web server and give the access firewall interface and under the botnet menu show the path of text file. and block all url and ips. Botnet setting details: Deag Limits: DEAG AND DEAO MAXIMUMS Maximum DEAGs: The maximum…
-
You can use botnet filter. Dynamic address objects doesn't support the 11k objects.
-
You should create dhcp relay/ip helper on sonicwall.
-
This menu "Shadowing" only includes Sonicwall OSX 7 version vm and appliances. you don't see on Sonic OS7. This is a terminology. Means that 2 rules override each other or that the rules conflict. Please check all nat rules for conflict by manuel. You sad that you used migration tool for transition. Somtimes migration tool…
-
Hi @Ruben_Cardenal You should filter as USERS option. and you will see user authantication process logs. please change the log settings to DEBUG mode for a few minutes test it and share us please