Comments
-
Thanks but that is too vague, I would appreciate more detail, such as what does the Firewall look at, is it ARP cache etc. This link is a little better but there should be a KB on this topic alone, covering detailed info on this. https://www.sonicwall.com/support/knowledge-base/sonicwall-nsv-series-faq/180705140131923/
-
@fmadia Your point on disabling DPI is accurate but the Sonicwall OS could be better at helping admins create more security conscious rules when absolutely having to disable DPI. Having built in dynamic objects for the major cloud vendors and their services would really help here, like what other firewall vendors already…
-
@Larry Whats the pricing like on Rocketcyber, are they strictly US based/hosted? Have been looking at a new SIEM for SonicWALL myself as CSC just doesn't cut it.
-
@SonicAdmin80 Thanks for adding that, have no use cases myself for it yet but nice to know that it can work and how, cheers!
-
No probs, yep but I am pretty sure the sonicwall checks the local user DB first and then goes to LDAP. So if the username exists in the sonicwall local users list then thats what will be matched. Probably best to not have the usernames on the local sonicwall (if using them) to match your AD anyway so the users know and you…
-
The local accounts will work in combination with others being LDAP, you probably dont have the local users in the correct SSLVPNservices group. The domain for the login is just a visual thing, doesnt actually matter or relate to your AD, so its the same for local users as the AD user. Use the web based portal to check your…
-
You have an on prem AD DC and using the AD connect sync tool yes? In that case Azure/o365 doesnt come into this, you are still just pointing the sonicwall to your normal AD DC(s). You should be pointing your Sonicwall at the on prem AD, is the sonicwall in the same LAN as your AD DC?
-
@yadnikhil You can use radius for the GVC logins and point to NPS on a windows server and install the o365 NPS plugin, if you are looking to leverage o365 MFA.
-
@shiprasahu93 Firewall is currently on 6.5.4.4-44n Settings on the firewall and the Capture tenant were all present and correct. I removed the Capture client and installed from the firewall enforcement prompt/browser redirection (which seems to only work in IE). Once it was installed using the on prem firewall prompt to…
-
@BWC Just to add to this from what I have seen, though I agree some concrete information would be nice. The VPN built to CSC generates the random net on both the source and destination networks on the tunnel. The tunnel is policy based so is preferred over any routes in your routing table. So the IPfix messages are sourced…
-
I was always under the impression that the X1, like the X0 is to LAN, was fixed to WAN. Not sure why for X1 but for X0 they seem to tie any mgmt type traffic (like the source of pings or ldap requests) to source from the X0 IP.... I assumed it was something similar for X1. Could be mistaken but I believe they mentioned…
-
This is related to the fw MgMt auto rule ticked for a vpn your DMZ net is associated with. check your VPN's your DMZ net is included in. Edit the VPN and look at the last tab "advanced" Management via this SA - uncheck https etc but be careful if you have any VPN's you manage the FW over create a manual rule to allow mgmt…
-
Thanks @BWC
-
Create a new one, what are you looking to do exactly? If you are looking to publish a service to the internet for example you can use the "wizard/quick configuration" button to generate the NAT and rules you need, then take a look at what was created to understand it. The wizard/quick config will create more than you need…
-
Thanks for the update, will be trying this now, its nice to have this community to get this info as I did not get this news from any other channel. Do you know if the threat alerting via email is also now working in 1.7 or a link to a list of what was fixed/added in 1.7? Thanks