Comments
-
Hi @NickEbstarLtd, You can find the max supported Zone detail for NSA 2700 from its TSR. Here it is for you. Base Max Zone Objects: 206 Max Total Zone Objects: 206 Hope this helps.
-
Hi @CÉSAR_S, As per the packet detail given by you, both the source and destination IP addresses are same. I'm unsure how can the ISP device generate an ARP reply packet with its MAC as source and SonicWall's WAN IP address as Source and Destination IP addresses. This packet drop may be a valid drop. As per your initial…
-
Hi @Pete_202, Possibly the issue needs assistance in real-time. Could you please approach our support team to verify the config on the SonicWall?
-
Hi @Pete_202, Could you please try below KB article instructed steps?
-
Hi @THIRUNAVUKKARASU, Thank you for visiting SonicWall Community. Yes, NSA 2400 can be configured in Routed Mode. You may need to allow the access rules from WAN to LAN or WAN to Internal Zones accordingly, since everything from WAN to inside is blocked by default. Hope this helps.
-
You are most welcome @CHATHURA_YAPA1.
-
Hi @PINALDPS, Could you please check which interface the dropped packets hit on the SonicWall for 192.168.0.18? The packet should hit the interface VLAN 900. IP spoof drop is something that firewall expects traffic on the right interface to which the corresponding subnetwork is bound to but the firewall receives the…
-
Alright @PETE_202. In this case, could you please check the source and destination IP addresses along with source and destination MAC addresses, try to figure out these in the ARP table of SonicWall and see if they belong to SonicWall's MAC address or any LAN or internal machines?
-
Hi @WALDON, Thank you for visiting SonicWall Community. Are you using anonymous login option or username/password option for LDAP authentication on the SonicWall? I dont see the error on the post. Could you please share the error message once? Thanks in advance.
-
Hi @Pete_202, Thanks for checking on the configuration. Lets capture packets on the SonicWall for ARP and see if firewall generates too many packets. Please click on System | Packet Monitor | Configure, - Settings tab: Disable all check boxes - Monitor Filter tab: * Check “Enable Bidirectional address and port matching"…
-
Hi @Chathura_Yapa1, Thank you for visiting SonicWall Community. The below KB article link may be of a help to you.
-
Hi @Pete_202, Thank you for visiting SonicWall Community. Could you please check for NAT policy containing translated source or destination as whole subnet instead specific host/IP? Also, please check suspicious route policy? These two may cause issues with ARP shoot out by SonicWall.
-
Hi @FEARLESS_FREDDY, Source translation NAT is a trick that is played in order to seek response from the end machine. This is not only applicable for VPN access but may be for any scenario where there is no response from the end machine but the end machine is reachable from the SonicWall appliance. Glad that I was able to…
-
Hi @CHRISLAKEERIE, Great!!! Please configure the SonicWalls and hopefully you would be in a better position with your requirement.
-
Hi @RICHARDMCF, Since the issue is tricky and happens randomly, we need to capture packets on the SonicWall during the issue time and understand the behavior of the packets and how SonicWall handles the packets at that time.