Comments
-
Strange, as it's still working for me after I upgraded to Monterey. What settings are you using on your VPN appliance's Global SSL/TLS Settings?
-
What version are you running on your VPN appliances? I wonder if there's a disconnect between cipher compatibility. I know I ran into that issue with SSH on switches+routers after upgrading to Monterey. Just a thought.
-
It still works for me on macOS Monterey, post-update from Big Sur. I have SonicWall Mobile Connect 5.0.8 installed, if that matters.
-
Yeah, something's up. The Nov 2021 update with version 10.2.1.3 has been pulled from the downloads section. However, we've already installed it because it showed EIGHT vulnerabilities listed under Resolved Issues in its release notes. Nothing has been posted on SonicWall's vulnerability list though:…
-
Hi Guys, while I'm definitely one to call SonicWall on the carpet when needed on this, I think you might want to review what outbound HTTPS traffic you had allowed from your SMA to the WAN. Mine were licensed with all 692 this AM and that is the ONLY outbound HTTP/HTTPS traffic ours is allowed:…
-
Or if they could issue an IPS/GAV signature to the firewalls themselves.
-
Hi Micah, I believe there's a misunderstanding here...I'm asking if someone uses a firewall (NOT vulnerable) to restrict WAN access to the SMA VPN appliance (vulnerable) to only KNOWN IP addresses if SonicWall views that as an acceptable risk mitigation step. Thanks!
-
Is whitelisting client VPN connections on a firewall (NOT on the SMA itself) also an effective mitigation (along with MFA, etc.)?
-
It's as if legal joined the chat and booted out the comms staff...
-
Welp, definitely going to consider how these IR comms went during our next hardware refresh.
-
Nope. We've implemented our WAN IP firewall rule via DEAG to make the update process faster, but that still places a burden on support staff to be as responsive as possible to help minimize remote employee productivity. Obviously cell-based connectivity can be problematic. I can't image the headache if we were fully…
-
"Communication on this subject is not satisfactory and I have a complete loss of confidence ..." Bingo.
-
AH. HERE: Thanks!
-
@Josh4329 How did you restrict admin logins to only internal IPs? I would love to do that even after this saga is over.
-
For limiting WAN access to the built-in LocalDomain's Administrator account, I suppose you could: Create separate portals, using separate ports, one for the LocalDomain domain and Administrator account access, and one for a VPN users domain Only expose the port for the VPN users portal to the WAN As to restricting that VPN…