TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
Maybe @MustafaA or @Community Manager could shed some light on how this feature actually functions. The log entry is just a warning, it doesnt indicate anything bad is happening. It's not that it doesn't matter, if this was constantly being logged than something would be up. Our standard is protection is enabled @ 65%…
-
The entire point of this feature is to protect the control plane from being overwhelmed with non-control traffic and slow the system management functions down. My understanding when the log entry is generated is that the control plane is dropping non-control traffic because the amount of non-control traffic on the control…
-
To expand: Go to the system logs on the Sonicwall and filter by VPN. See what the Sonicwall is saying. If it's saying there is no reply, and is constantly retrying, than the TrendNet is not communicating properly. You'll have to investigate if the TrendNet has a direct connection to the internet (e.g. not behind another…
-
Are you the administrator of the device you are connecting to? If not, reach out to the person who is.
-
Run a packet capture on the Sonicwall that INCLUDES syslog traffic to verify it is sending to the correct IP. If it is, run a packet capture on your PC to verify it is receiving it. If both of those are successful than it sounds like an application configuration issue.
-
Are you doing Gateway AV with 'TCP Stream' enabled? I have seen where that decimates speed test performance. Otherwise open a ticket with support.
-
Maybe @Community Manager knows. From my (and others') experience SW's internal firmware development and management processes have gone downhill since the release of OS 7. Running anything other than 7.0.x has been a pain. Just look through the forums for horror stories…
-
"when I disable DPI" Do you mean you change the firewall to SPI only, or are you referring to DPI-SSL?
-
Do you have another DHCP server running somewhere else?
-
"I also thought by default all traffic is dropped unless a rule is created?" Sonicwalls are implicit deny, so your statement is correct.
-
You clearly have DHCP enabled on the Linksys, did you try disabling it?
-
The term for the cert 'cross-check' is certificate pinning. It's purpose is understandable from both the provider and client side, so its not going anywhere. Yes, the big providers (MS, Google, Apple, etc.) will continue to pin their certs and thus be excluded from DPI-SSL. Its up to the company to decide if that is an…
-
I never use 'All Connections', as that means lookups are happening even for what could be 'internal' traffic crossing the firewall. Have you tried changing the setting to 'Firewall Rule-based connections' and enabling GEOIP on the appropriate access rules?
-
@SonicAdmin80 summarized it pretty well. "I just think this is a very misunderstood setting with SW's" The same can be said about any NGFW, as DPI and DPI-SSL are pretty much standard fare on all manufacturers. People will read Reddit and not actually understand any of what they are doing, and put themselves in…
-
Do you mean port forwarding?