Comments
-
Hi! I did some tests and these are the results. TEST 1: If I create a site-to-site VPN (main mode) the only way to do NAT from a specific source to a specific destination is using the advanced "apply nat policies" option. But this is not what I am looking for. Let´s remember: I only want to do a translation to…
-
This option would solve PINGs against firewall. What about PINGs from LAN to WAN? I will continue with more tests this week. And I will keep you informed with the results. Thanks!
-
Sorry, I would like to see first why the firewall is having this behavior when I enable ICMP Flood Protection. With this configuration (I have attached a capture) core 1 goes up to 80%. While the attack is running, I also have other PCs doing PING to other IP addresses beyond the firewall. And all of them stop receiving…
-
I did the test sending 15000 packets at the best speed possible. Protocol used was TCP, destination port 443. I did it also with destination port TCP 442. The flow of the traffic was WAN-Firewall itself. Since this is an attack to the firewall and I did it with an unused port (TCP 442), I do not know what ACL to configure.
-
I recommend this article to everyone that need to test throughput. You can use it between interfaces and with GVC / Netextender to do some measures.
-
At the picture I have attached, you can see the option to "Import Certificate". I do not know why it does not show itself at the beginning. Now I have imported I can select it and continue. I am able now to establish a GVC with client certificate.
-
Hi! Yesterday night I did these tests with Netextender and GVC. I have used IPERF3 in all cases. Syntax used for upload test: iperf3.exe -c XXX.XXX.XXX.XXX -t 30 -i 1 -P 10 Syntax used for download test: iperf3.exe -c XXX.XXX.XXX.XXX -t 30 -i 1 -P 10 -R Tests between two Windows 10 with Netextender 10.2.292 and TZ300…
-
Thanks a lot! My problem was I was putting IP address in step of server domain name.
-
I found the error. My mistake. Switch ports configuration were not exactly the same. Now I can reach the Secondary by its monitoring IP. Thanks!
-
Both switch ports have the same configuration. I can PING Primary from the switch. I cannot PING Secondary from the switch.
-
The Secondary State is "STANDBY" Virtual MAC is enabled for HA. I am looking for Secondary ARP entry on the Cisco switch. It is not there. I can see only one entry for the Primary. I did the same from Windows. And I have got the same results.
-
Hi! I hope every one is fine. Any news about my idea?
-
I have tried it 3 more times. TZ300 reboots itself. So I had to open a case with Support. They are having a look at TSR, logs, etc.
-
Yes, you should do that to all PCs on the LAN. You could also setup a DHCP server on the firewall itself. And set the DNS option to give 8.8.8.8 and 8.8.4.4 In case you have too much PCs on the LAN, I would suggest the second option.
-
Have you tried changing the DNS servers on a client PC? I mean, you could put 8.8.8.8 as the primary DNS server and 8.8.4.4 as the secondary DNS server on the client PC TCP/IP settings. In case you have a DHCP server on the LAN, change the DNS servers it is offering to clients.