SonicAdmin80 Cybersecurity Overlord ✭✭✭
Comments
-
L2 bridge mode or transparent mode are also possibilities, but would probably require new IP addressing for the internal network. For what @Istvan was saying, search for "Configuring Routed Mode".
-
You could get a multi-domain certificate and use it for both.
-
@dspjones, Mobile Connect on Windows is EOL: https://www.sonicwall.com/support/product-lifecycle-tables/sonicwall-mobile-connect/software/ NetExtender and Connect Tunnel are the supported clients. Mobile Connect still worked for me when connecting to a Gen 6 firewall a while back, but connecting to SMA 100 series gave…
-
A bit of a roundabout way and a suitable computer to connect to might not always be available. I would use either MFA or centralized management instead. Although they might not be failure proof the same way a direct connection is.
-
Does Connect Tunnel work? Not an option with SMA 100 series of course.
-
Yes, it's a little weird, because why wouldn't you want to use a separate account for VPN and administration? In case the VPN account is compromised, it would be beneficial if that account doesn't have any admin rights. Better to use MFA and hope it always works.
-
I think at least on Gen 6 devices only the user used to connect with SSL-VPN can be used to log in to the appliance. Which is a little strange because it lowers security.
-
@BWC You are right that EDNS is not the same thing as DNS over TCP, but rather they are different solutions for overcoming the same problem. RFC2181 (1997) also has clarifications to the TC bit functioning and later RFC5966 (2010). Email Security might be using some sort of stub resolver which doesn't support TCP mode or…
-
Kind of critical feature for a spam filter so odd that it hasn't been implemented earlier. The first RFC for EDNS is from 1999 and the second from 2013. Let's be generous and say that EDNS became critical only after RFC 7208 for SPF which came out in 2014. That's still 7 years to implement a feature which when missing…
-
@David W OK I'll do that then.
-
@David W For me there is no icon anywhere to create a new message, not in the messages window, not on your profile page either.
-
@David W How do I send a direct message? Can't find the option anywhere.
-
@David W Yes, the text in the first post is copied directly from the NDR that O365 sends to the from address set in the firewall. Also from the NDR: How to Fix It It appears that your email program added invalid characters (bare line feed characters) into your message when you sent it. Try using a different email program…
-
I bet the web developers don't actually use any of the products themselves and only design using large high resolution displays. And it seems that management hasn't consulted any actual administrators either. What else could explain the poor usability with smaller screens and the general unintuitiveness?
-
@David W Yes I read that too, but it doesn't really explain why it happens. Because according to Microsoft they're only delivering the messages as they are and the downstream SMTP server is to blame in not accepting the BDAT command, in this case Email Security. "Microsoft 365 and Office 365 used to remove bare line feeds…