Comments

• Have you run a packet capture to see what is actually happening with the data?...

  in WiFi Calling Issues with TZ270 Comment by TKWITS May 30
• Have you considered checking out Microsoft's documentation?

  in Any guide for SMA OTP using O365? Comment by TKWITS May 30
• IIRC once you L2 bridge interfaces you lose the ability to use port sheilds on other interfaces. This was one of the reasons I stopped using Sonicwalls wireless devices.

  in Native bridging of SonicWave VLAN netwotk to LAN Comment by TKWITS May 25
• in VPN traffic via NAT rules from WAN -> My Firewall -> Second Firewall Comment by TKWITS May 25
• Thanks for bring this up.

  in Trying to block new .zip and .mov domains, following KB, but still not working? Comment by TKWITS May 24
• SSLVPN performance unfortunately has regularly degraded over the years. Make sure youre running at least version 8.266 of NetExtender. It's surprising because they went from their own underlying stack to the 'open' WireGuard stack, which many other companies use and don't have the performance problems with it.

  in SSLVPN / Net Extender on 6.5.4.12-101n Comment by TKWITS May 24
• Open up those access rules to 'Any' traffic. Have you had any progress?

  in VPN traffic via NAT rules from WAN -> My Firewall -> Second Firewall Comment by TKWITS May 24
• I wouldn't NAT only the specified VPN traffic, NAT any traffic from the Palo to anything on the internet with their assigned public IP. Otherwise you'll end up missing something. Same on inbound. Show your Sonicwall access rules for the Palo. Do you know what else is behind the Palo? Double NATd VPNs can be a pain, and…

  in VPN traffic via NAT rules from WAN -> My Firewall -> Second Firewall Comment by TKWITS May 17
• It's not likely the Palo is NATing outbound traffic to the 72.x.x.x address for two reasons: You didnt give them the 72.x.x.x address for their WAN interface; thats not how routing works. What IP did you tell them to use on the Palo WAN interface? Show your Sonicwall NAT rules for the Palo traffic.

  in VPN traffic via NAT rules from WAN -> My Firewall -> Second Firewall Comment by TKWITS May 17
• Generally you want to see packets 'forwarded'. But I cannot tell from your description if the palo traffic is what is leaving. Post sanitized screenshots of the packet details from the packet monitor, and provide a better description of what IP the Palo is using.

  in VPN traffic via NAT rules from WAN -> My Firewall -> Second Firewall Comment by TKWITS May 16
• To answer the questions: The Cloud Providers IP address object should be in the Zone in which it exists (i.e. it's on the Sonicwall's WAN). What you are essentially doing is a port forward, so you'll need Access Rules too. See…

  in VPN traffic via NAT rules from WAN -> My Firewall -> Second Firewall Comment by TKWITS May 16
• Consider the data sheet says DPISSL throughput is 500 Mbps, but has a note saying "Threat Prevention/GatewayAV/Anti-Spyware/IPS throughput measured using industry standard Keysight HTTP performance test tools. Testing done with multiple flows through multiple port pairs. Threat Prevention throughput measured with Gateway…

  in TZ-370 DPI-SSL slow performance Comment by TKWITS May 11
• Read the article thoroughly and come back with questions because you are missing the point.

  in Layer 3 switch Inter-vlan routing with TZ400 Comment by TKWITS May 9
• Read up on how TCP works. The webservers are replying with RST packets for a reason.

  in TCP connection reject received; TCP connection dropped? Comment by TKWITS May 9
• This a common setup. You can simply group all the 'external' SSLVPN users under one 'internal' group and require MFA on the group.

  in RADIUS or LDAP and MFA - Any helpful documents for this Comment by TKWITS May 9
More Comments