TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
If the device is registered to your mysonicwall.com account you should be able to download the firmware from the MySonicwall 'Download Center'. Otherwise search the web for the filename.
-
Make sure you clearly communicate the change to the vendors that manage the other VPN endpoints, and give them a schedule to work from. Testing new connections can begin on date X, full cutover 2 weeks later. You have to force peoples hands sometimes, and sometimes that means things won't work while people get their heads…
-
IIRC the only way to get NetExtender to do silent upgrades is to install from the users web portal (from where a .exe is downloaded and run). After that, when a firmware update is done to the firewall, the new firmware contains updated NetExtender code which will get downloaded by clients automatically. Any other method of…
-
"without having any blocking or unpleasant surprises" Good luck with that. You have to expect at least one thing will be missed.
-
+1 to better accessibility @MitatOnge
-
This isnt specific to Sonicwalls, more of a general question, but nonetheless. Hopefully you got either a static or group of static IPs on the new WAN otherwise this will be an exercise in futility. For inbound connections: Assess the config, specifically publicly accessible services, by looking at WAN to LAN (or more…
-
Are your test devices directly connected to those interfaces or are there other devices in between? What are the specs of the test devices? You havent given enough information. Also SMB is notoriously bandwidth inefficient and is not a good test, look into iperf or its forks.
-
Let me search for you:
-
To answer the question: yes you can configure interfaces in a 'bridge mode'. But that won't actually do anything for you. Since you want to provide external access to your FTP server you will either need to have your own internet circuit, or have the building IT allow FTP traffic to your Sonicwalls WAN IP, then youll have…
-
My suggestion would be to not use the config conversion tool, it has bitten me too many times and have run into weird random issues after using it. That said my recommendations (since you have an HA setup): 1: Failover to the HA appliance, and let it run as the active unit. If OSPF issues continue you can rule out a…
-
For clarification: you have the two sites with the wireless bridge AND an internet connection at at least one of them? And users are connecting via SSLVPN through the internet connection? You will need to ensure both the SSLVPN clients and the second site know how to route to each other. After routing is configured, make…
-
You can disable GVPN by marking 'WAN GroupVPN' in IPSec VPN \ Rules and Settings as disabled.
-
Buying a real cert is a quick fix, but I suppose you could import the self-signed cert locally to each machines trusted cert store... Spending hours doing that sure is a quick fix...
-
Management access should be restricted and while meshed inter-office connectivity can be convenient it is also a security risk. If any IP at any location can access any IP at any other location than so can a malicious actor.
-
SSLVPN access is two-fold: Client Routes and User VPN Access. You can add as many Client Routes as you want but if a user isnt granted VPN Access to the subnets it won't ever work. You must also be aware of how your S2S VPNs are configured, firewall rules, etc. What you are looking for is commonly done.