TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
Sonicwall will automatically create Access Rules based on settings in various locations (it is a Zone-based firewall). If you do not want Access Rules automatically created for certain Zones, edit the Zone (via Objects \ Match Objects \ Zone) and disable the 'auto-generate access rules…' options. There is also an option in…
-
@Chitra better documentation needed.
-
@Chitra DPISSL documentation needs work…
-
IIRC, you must 'inspect' a category that includes related domains for a block/allow list to be applied. It's kind of illogical but thats how Sonicwall does it.
-
Maybe the company should look into softphones if the hardphones are moving so much… I would suggest a 'loopback' NAT for the PBX public address on Location 1's firewall, then reconfigure all the phones to point to the PBX public address. Then they can move where they want. But my first statement still stands.
-
"Is there anything else that needs to be programmed into the SonicWall so that the NAT Policy is always active and does not miss any type of packets?" If the policy is enabled it is active. Run a packet capture when the issue occurs. Or just reconfigure the phone to use the local address…
-
Using a VLAN on the WAN port for internet access is doable. The pseudo guide they provided gives you a good example (the Sonicwall is a router with a zone based firewall). Be specific about what issue you are having, otherwise we aren't going to do your job for you.
-
You've basically answered your own question.
-
AFAIK, yes (as long as its available) and yes. IIRC, you do not need to license both devices, only the 'primary'.
-
My guess with regards to the 'good reports' is that these admins had already run into issues with 7.1.2 and dealt with them at that firmware version. It seems to me if you skip 7.1.2 you'll run into said issues with 7.1.3.
-
Contact the administrator of the device you are connecting to with NetExtender and contact your M365 admin. There are no settings a user can change that would effect Teams quality issues.
-
Whats on the other side of the tunnel? If you don't control the other side work with the vendor and explain the change being made. They may already have a solution. Compare logs with them. It may take a 30 min phone call but its alot better than try to push a square peg into a round hole.
-
Don't just cross your fingers, export a good config before updating to 7.1 and plan to import it immediately after. Many of us waited for 7.0 only to be disappointed for over a year after initial release. I don't see 8.0 going any differently.
-
I would be doing NAT inside the tunnel config, not outside of it. Try getting just one 1to1 tunnel to work. Then you know it can be done and attempt modifying it to include the other addresses. Rant: I dont know who designed / programmed WatchGuards but they are terrible to administer and decipher.