MitatOnge All-Knowing Sage ✭✭✭✭
Reactions
Comments
-
Generally, I use local web service for url and ip lists. I pull the list from cloud to my local web server and set the firewalls botnet setting for local web server. there is no other way for this situation. you can create a script for pull the url and ip list.
-
you should check the ip conflict with sonicwall gui ip.
-
You can share printer connection ports but you cannot find and access via the bonjour or other printer broadcast services with scanning. if you know the printer ip after the created access rule for printer ports. you can directly connect via windows printer add tools with ip. do you want to see with scanning you have to…
-
some of logs are creating by the sonicwall security services. these are increasing your cpu. You should check the services. may be access rules create log bottleneck or security services create a lot of logs. generally cpu0 assigned and responsible for vpn, logs, dhcp and management ui. you should check step by step these…
-
can you try divide the file as url and ip ?
-
Forticlient and other brands client does not support sonicwall client to site vpn settings. just you can use another client for lt2p vpn on sonicwall
-
Hello @khseo You should check log settings and convert to debug to inform log config. and remove logging setting temporarily for all access rules
-
You should use ip helper for printer broadcast services. generaly pritner uses 9100 TCP AND UDP . but you have to check with wireshark or printer brand books. some case kb: sample another service ip helper config:
-
dynamic and botnet are not same. dynmaic has limits of the device capacity. create a text file in the web server and give the access firewall interface and under the botnet menu show the path of text file. and block all url and ips. Botnet setting details: Deag Limits: DEAG AND DEAO MAXIMUMS Maximum DEAGs: The maximum…
-
You can use botnet filter. Dynamic address objects doesn't support the 11k objects.
-
You should create dhcp relay/ip helper on sonicwall.
-
This menu "Shadowing" only includes Sonicwall OSX 7 version vm and appliances. you don't see on Sonic OS7. This is a terminology. Means that 2 rules override each other or that the rules conflict. Please check all nat rules for conflict by manuel. You sad that you used migration tool for transition. Somtimes migration tool…
-
Hi @Ruben_Cardenal You should filter as USERS option. and you will see user authantication process logs. please change the log settings to DEBUG mode for a few minutes test it and share us please
-
Hi @KyleCKnapp Yes it is possible your design. you can put behind the sonicwall ES or afterward any other brand spam filter. Inbound traffic schema is below. Sender email ---> Sonicwall Email Security Appliance --> Baracuda ---> Customer Mail server ---> customer users Outbound traffic schema is: Customer users -->…
-
You should do twice nat rule / double nat. I don't have acccess firewall now however I cannot share screenshot but I think below example will be clear. create a nat rule for overlaps ips example : HQ--->BRANCH HQ Firewall Nat rule 1. source : overlap ip 192.168.1.0/24 translated : new nated ip: 10.10.10.0/24 destination :…