MustafaA SonicWall Employee
Reactions
Comments
-
Hi @CF_ADMIN The 7.1.1-7047 firmware release addresses a single issue: the vulnerability CVE-2024-22394. However, our upcoming release scheduled for mid-March will encompass multiple issue resolutions. Please note that the exact date of the firmware release is subject to change and contingent upon the completion of Quality…
-
Hi @Larry The domain use.fontawesome.com resolves to IP addresses 172.64.206.38 and 172.64.207.38. However, our firewall identifies these addresses' location as "Spain," contrary to their designation as "US" on our Capture Labs portal at https://capturelabs.sonicwall.com/m/feature/ip-reputation-lookup. Our Engineering team…
-
As @BWC highlighted in his comment, 7.1.1-7047 has only one fix which is for the CVE-2024-22394 vulnerability (more info available https://psirt.global.sonicwall.com/vuln-list). As a side note, the next firmware is expected to be released during the second half of March, depending on the QA tests.
-
Hi @cty584 Unfortunately, there is no such built-in feature on the firewalls, that would fulfill your requirement.
-
Hi @Tony Next step would be to check the Log Level. You can set it to Debug which should generate plenty of events.
-
Hello @MartinMP Looking at the packet capture, your source of traffic is 10.46.10.117 which is coming through the X0 interface instead of the X0:V30, which indicates that the frames are not tagged with VLAN ID 30. Make sure your switch is configured correctly so that it tags the traffic properly. Firewall will consider…
-
Hey @Tony When the firewall generates the Syslog messages it uses one of its' interfaces (eg. X0, X1 etc.) Please use Packet Monitor to trace which interface is being utilized as the source and make sure this is part of the Tunnel Interface static route policy.
-
Hello @Ajishlal Since SOHO-W uses the Gen6 firmware, we have the HF build available.
-
Hello @AlainPharmacy Create Address Objects for each IP address in your list, nine in total. Create an Address Group Object and then add these Address Objects to this new group. Create an Address Object for your GW 100.100.100.6 Go to Network - Routing Policy and add a static route policy. Under the "Lookup" tab select the…
-
Hello @Gustrastren There are two available options to address your specific requirement. The initial option involves channeling all (Tunnel All) internet traffic from remote users through the SSLVPN. This implies that remote users will access Internet resources using the public IP address associated with the…
-
Hello All, We have the HF builds available for Gen6 and Gen7 firewall models. Engineering team is still working on the fix for the Gen5/SOHO. For your reference the Issue IDs are below. Gen5 Firewalls: GEN5-71 Gen6 Firewalls: GEN6-4189 Gen7 Firewalls: GEN7-46209 Please contact Technical Support via web cases so that we can…
-
Thanks for the feedback @Kfleb1 . Glad it is resolved.
-
Hello @C_B If I understood your requirement correctly, you can do the first part but not at the same time the second one. You need to configure WAN to WAN Access Rule for the SSLVPN port. You can specify an "allow" rule for the specific public IPs as the source, and this needs to be followed by a deny Access Rule and "any"…
-
Since you are confirming that the Verizon modem was connected to X2 interface, and given the fact that the link status shows "Link Down", this may mean that they are not able to negotiate layer-2 link speed (eg. 100Mbps, 1Gbps). Either test it by inserting a dummy switch in-between or manually select 100Mbps, 1Gbps to see…
-
Hi @SonicwallBCR The latest firmware for Gen6 firewalls is 6.5.4.13-105n which was made available in September 2023 as a Maintenance Release. Gen6 firewalls include NSA 2650 and NSA 4650 models. Let me know if you have any follow up queries.