TKWITS Community Legend ✭✭✭✭✭
Comments
-
Do you have another DHCP server running somewhere else?
-
"I also thought by default all traffic is dropped unless a rule is created?" Sonicwalls are implicit deny, so your statement is correct.
-
You clearly have DHCP enabled on the Linksys, did you try disabling it?
-
The term for the cert 'cross-check' is certificate pinning. Its purpose is understandable from both the provider and client side, so it's not going anywhere. Yes, the big providers (MS, Google, Apple, etc.) will continue to pin their certs and thus be excluded from DPI-SSL. It's up to the company to decide if that is an…
-
I never use 'All Connections', as that means lookups are happening even for what could be 'internal' traffic crossing the firewall. Have you tried changing the setting to 'Firewall Rule-based connections' and enabling GEOIP on the appropriate access rules?
-
@SonicAdmin80 summarized it pretty well. "I just think this is a very misunderstood setting with SW's" The same can be said about any NGFW, as DPI and DPI-SSL are pretty much standard fare on all manufacturers. People will read Reddit and not actually understand any of what they are doing, and put themselves in…
-
Do you mean port forwarding?
-
Sorry, I meant X1 as you correctly interpreted. This is simple port forwarding with inbound source restrictions.
-
Doesn't seem likely, as these settings probably modify system-level functions which are outside the view of management. I suppose a poke around in the diagnostics menu might reveal additional options.
-
I don't recommend ANY zone to ANY zone rules. Also I noticed you are specifying the Source Port in your access rule as the same as the Destination Port. That's not how this works. Source ports are usually ephemeral. What happens if you do a specific LAN (or whatever zone the PS4 is in) to WAN access rule allowing the PS4 IP…
-
My short retort was against this line and wasn't meant to be malicious, just a reality check: "what exactly are all the records/objects/things I need to configure on the TZ 215 to get this to work?" That's a vague and open-ended question. Frequent forum users will know I am blunt, but I genuinely try to help guide people. I…
-
I don't think tunnel-mode VPN would work, because ultimately we would run into the same issue (same tunnel gateway IP). I was under the assumption there was another ISP we could use at the Linkou site. Is it a requirement that the camera traffic go over a VPN tunnel? You are hitting the limitation of VPN tunnel technology…
-
" how do I bring that traffic back 'down' to the PC for the communication to continue functioning between that device and its software on the PC" Use split tunneling
-
Does the device boot into safemode? AFAIK, safemode is the only way to recover firmware on pre-Gen7 devices.
-
I was going to say the same thing. It sounds like you unintentionally found a quirk in the WatchGuard VPN client, and things 'just worked' for you. Since you are using tunnel-all, ANY IP traffic for ANY subnet will go over the tunnel. That's why it's called tunnel-all, and that's why you are still seeing ethernet traffic in…