Comments
-
@Storch thanks for the update. Instead of the service being any in the access rule, we need to make it specific - Can you add the service object called HTTPS management and try? On Destination firewall: VPN to LAN Src: Any Dst: All X0 Management IP Service: HTTPS Management
-
Hi @lunapiena Is this a default rule or a custom rule? WAN to WAN is anything on the internet to the WAN interface or vice versa. Is there any service objects in the rule?
-
Hi @Storch I know you said you enabled mgmt over HTTPS in every location - but can you double check on the VPN policy under the Advanced tab if "MANAGEMENT VIA THIS SA' is enabled for HTTPS? (Both sides or on destination side)
-
Hi @BWC We just did some testing and disabling DPI should disable App control as its needed. My theory on why it wasn't working for @Twizz728 is the access rule wasn't being hit.
-
@Twizz728 , for the drop code, could you try disabling app control for testing and seeing if the traffic works? I know it says IDP, but i've seen that drop for app control before as well.
-
Hi @Caliparcerito From where are you trying to access the NAS? from the WAN side (internet)? Or just from a different zoned interface on the firewall?
-
Hi @vt100 Locking that version, will lock that config file from being deleted. You can then unlock it by clicking the 3 dots again and clicking unlock. Delete version will delete that selected configuration file.
-
Hi @alimd , Depending on your casting device/software, it might only be able to be casted to by something on its own network. What difficulties are you experiencing? Have you ran a packet capture on the firewall for this traffic?
-
Great to hear! thanks for the update!
-
Great explanation @Arkwright Thank you !
-
There is no Tenant control feature on the Sonicwall Firewalls as far as I'm aware. Are you looking for authentication partitioning for multiple domains perhaps? Authentication Partitioning and Multi LDAP Servers | SonicWall
-
Thanks for the screenshot @RaHorn This is the source port remap option on the NAT policy. It remaps the source port for the connection. If you want to disable it, please see the information in the following article (It says regarding voip, but the information to disable the source port remap is in the article):…
-
Hi @trohlk Could you provide a screenshot of the error you are seeing? Are you adding the SSLVPN server after the ip address? example: 5.5.5.5:4433?
-
Hi @RaHorn , The second port number, are you seeing this as the source or destination port in the packet conversation?
-
Hi @kang Could you please elaborate what you are asking? Are you talking about tenant via mysonicwall.com? There is no tenant control feature on the NSA 3600.