TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
What firewall model / firmware version are you running? If firmware is not recent (past 6 months), Id recommend updating. Then try again. You can also try to change it via CLI.
-
If the connection your 10.10.x.x interfaces are on is private, you can setup static routes to have the LANs talk to each other through the 10.10.x.x interfaces without NAT. You'll need access rules to allow the traffic as any traffic from WAN zones to LAN zones is dropped by default. See the following articles:
-
My apologies I was not thorough in reading your original post. Theres a hotfix addressing a memory leak in firewalls recently made available. I do not know what the hotfix for the ES series is for.
-
You're assuming Sonicwall updates their botnet list when attacks are occurring, let alone maintains it at all. You're paying for a license to utilize a feature, not a service. The current Sonicwall-maintained botnet list entry count is 593 entries… Cisco's list is in the thousands, and hasn't changed in a week… I'm sure…
-
Not through MySonicwall. You could through CSC-MA/NSM if you had it. If you're not doing logical probing of your interfaces you should be. By default only physical probing is done.
-
See the discussion here:
-
As an FYI for those who have firewalls regularly running out of RAM due to these attacks, support has a hotfix available for both current generations. We have yet to implement it, but figured Id share. These attacks seem to have unintentionally identified a memory leak.
-
I believe you have to submit feature requests through your local rep, but maybe @fmadia can elaborate.
-
You are not using DPISSL so don't worry about it. In your screenshots in the original post, notice that in Firefox you are going to the HTTP site, while Edge is going to the HTTPS site. It's possibly Edge is automatically trying HTTPS instead of HTTP. Have you enabled 'HTTPS Content Filtering' in your Content Filtering…
-
You might be affected by this: This is all assuming you are doing DPI-SSL but you didn't state that.
-
Welcome to Sonicwall. Update your firmware before doing any configuration. I do not work for Sonicwall so I cannot say if the KB has been updated. But I can only repeat myself so many times: update your firmware.
-
Support is going to tell you to update the firmware.
-
Didn't even know it was a thing. I wouldnt be too worried about the situation u are facing. I'd incrementally update the existing firmware before doing anything (but thats assuming thats an option).
-
Update your firmware to the latest 7.0 (or if ur willing to try 7.1). I've seen similar things on early versions of SonicOS 7.x.
-
My guess is the Linux client, its been poor maintained for a long time. Try rolling back.