Comments
-
Hello @ASHW, Welcome to the SonicWall community. You need to make sure that SSLVPN IP pool is part of the VPN configured to AWS and the AWS network is added in client routes and VPN access for the SSLVPN client. The details are given in the following KB. Thanks!
-
Hello @Reinder, Welcome to the SonicWall community. Unfortunately, the 4G USB adapters are not compatible with HA. Since it can be either plugged into the primary or secondary device. The network set up needs to be identical when set up in HA. Thanks!
-
Hello @stevmorr, Welcome to the SonicWall community. If you using an internal DNS server on the machines that are connected to LAN, all DNS requests come to the firewall using the DNS server's IP address. This is expected behavior. I would request you to specifically unblock the DNS signature for Gmail (without any…
-
Good to know. Thank you!
-
Hello @mrshahin, Since these are route-based VPNs, probably phase 2 is still not complete as the static routes are not in place. Could you please add the routes on the firewall for AWS and then test? Thanks!
-
@Enzino78, You can mention the Egress/Ingress bandwidth on the X1 interface itself. The BWM on Gen 7 devices is in advanced mode, so the policies will apply based on the BWM objects created. Thanks!
-
@Garyb, Are you using SSO or ULA for identifying the user after which the group that it belongs to could be checked from LDAP? There is a field called Users included on the firewall where the group can be sleected. But SSO or ULA should be present as well for this to work. Thanks!
-
Yes, the drop code suggests that it is a policy drop. So, the access rules are missing. Please navigate to MANAGE | Rules | Access rules and use the matrix view as below and add the following access rules From Office LAN zone and Sec_lan zone Action: Allow Source: X2 subnet Destination: Sec_Lan Service: Any and also…
-
You have a routing policy on the firewall that explains how 10.10.100.X network can be reached through the interface X2 right? If yes, then the firewall understands how it can reach that network. Since the X3 interface is configured on the firewall, it has an automatic route created to reach it. So, if the connectivity…
-
Then you need to check the access rules between Plant LAN zone and Sec_lan zone and vice versa. If there are no rules, the traffic is denied by default. So you may need to add rules to allow it. If the access rules are present, you can do a packet capture to see what could be blocking the traffic. Thanks!
-
@Garyb, What zones are X2 and X3 on and what zone have you created the network 10.10.100.x on? Thanks!
-
@Garyb, If you have the routing on the firewall, the other subnet should also be able to reach it. What zones are the two interfaces on the firewall on? Thanks!
-
Hello @JamieFuller, Welcome to the SonicWall community. Are you accessing the firewall from LAN or WAN? Also, what error message do you see on the browser while accessing them? Has there been any change with the management port numbers? Are you able to access them over SSH? Thanks!
-
I could download the TZ 570 firmware just fine. Is the traffic going through a SonicWall ? Thanks!
-
Hello @Bernhard_Winter, I downloaded it for my TZ 300W and it seems to work fine. Could you please let me know which device model you are trying this for? Thanks!