TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
Have you considered utilizing MS' official list?
-
You might want to read the discussion going on here: But to answer the question posed in the subject, no you cannot.
-
Technically no, changing the IP address of a physical interface will not affect any of its sub-interfaces.
-
General things to do: Never post your actual public IPs on a public forum. That's an easy way to get unwanted attention. Update the firmware on both devices. Try changing various parameters of the VPN tunnel. IKEv1, DH Group 2, and SHA1 are no longer considered secure by most professionals.
-
Contact whomever supports this connection.
-
Does your NAT rule have any hits? Your Access rule have hits?
-
Start with the basics. Can the Sonicwall ping the VeloCloud IP address? Have you done a packet capture on the Sonicwall to see what interface the traffic is going out?
-
I will try to help. Sonicwall firewalls expect a direct connection to the public internet, meaning their WAN interface expects to have a publicly routable IP address. Any traffic going out an interface in the WAN zone will be NAT'd to the IP address on the interface of the Sonicwall. By putting a Sonicwall firewall behind…
-
-
What firewall model / firmware version are you running? If firmware is not recent (past 6 months), Id recommend updating. Then try again. You can also try to change it via CLI.
-
If the connection your 10.10.x.x interfaces are on is private, you can setup static routes to have the LANs talk to each other through the 10.10.x.x interfaces without NAT. You'll need access rules to allow the traffic as any traffic from WAN zones to LAN zones is dropped by default. See the following articles:
-
My apologies I was not thorough in reading your original post. Theres a hotfix addressing a memory leak in firewalls recently made available. I do not know what the hotfix for the ES series is for.
-
You're assuming Sonicwall updates their botnet list when attacks are occurring, let alone maintains it at all. You're paying for a license to utilize a feature, not a service. The current Sonicwall-maintained botnet list entry count is 593 entries… Cisco's list is in the thousands, and hasn't changed in a week… I'm sure…
-
Not through MySonicwall. You could through CSC-MA/NSM if you had it. If you're not doing logical probing of your interfaces you should be. By default only physical probing is done.
-
See the discussion here: