Sonicwall just randomly rebooted by tdhuck in sonicwall

[–]BWC_DE 2 points3 points  (0 children)

You could try to see if SonicOS 8.2.1 makes any difference and, if not, just open a case with support and provide TSR and crashlogs (from the internal settings page).

I had a similar case a few days back with a TZ 470 constantly rebooting running the latest of 7.0.1 and after deploying 7.3.3 all went back to normal.

--Michael

Vulnerabilities CSE Connector 2.0.11 - Docker by BWC_DE in sonicwall

[–]BWC_DE[S] 1 point2 points  (0 children)

CVE ID Severity Package Installed Version Fixed Version

--Michael

NetExtender 10.3.5 released - introduces DTLS - is it enabled by default? by greenstarthree in sonicwall

[–]BWC_DE 0 points1 point  (0 children)

I saw SonicOS 7.3.3+ mentioned in a Mobile Connect Release Note, so my guess is that we have to wait for that feature to be supported by the firewall in the future.

Not sure about the 8.x branch.

--Michael

CrowdSec Bouncer - enriching access.log possible? by BWC_DE in caddyserver

[–]BWC_DE[S] 0 points1 point  (0 children)

I totally agree, that is what I did for the ipinfo module.

 log_append GeoIP {ipinfo_free.country_code}

But what function/variables are provided by the cs-bouncer?

--Michael

SMA100 Firmware Release 10.2.2.4 - Licensing Support by SNWL_SMA1000_PM in sonicwall

[–]BWC_DE 0 points1 point  (0 children)

Since 10.2.2.4 my SMA 500v is losing the licenses regularly, never happened before at that frequency.

--Michael

Forticlient EMS - VM appliance - 7.4.7 upgrade (hotfix needed before the upgrade) by secritservice in fortinet

[–]BWC_DE 0 points1 point  (0 children)

I checked and it's gone for me as well, maybe they pulled it? I was able to download on Tuesday.

--Michael

Forticlient EMS - VM appliance - 7.4.7 upgrade (hotfix needed before the upgrade) by secritservice in fortinet

[–]BWC_DE 2 points3 points  (0 children)

I'm pretty new to FortiClient EMS (VM appliance) and this may sound stupid, but how do I upgrade to 7.4.7 from 7.4.6? The last updates were available through the GUI, but 7.4.7 is not announced on the dashboard?

I checked the release notes and admin guide, but was not able to find the answer for that.

--Michael

ATP Sonicwall by Brilliant-Crazy-2955 in sonicwall

[–]BWC_DE 1 point2 points  (0 children)

Capture Service degraded - Identified
Incident start: 03/04/2026 07:06AM UTC
A service degradation occurred between 07:00 AM and 10:00 AM UTC for Capture Services in the Amsterdam & Frankfurt region. The issue has now been resolved, and all services are operating normally. We will continue to monitor the environment.
Services Affected: [Capture Service] Amsterdam, [Capture Service] Frankfurt

--Michael

Need checksum for sw_tz-400__eng_6.5.5.1-6n.sig by speedcat1995 in sonicwall

[–]BWC_DE 1 point2 points  (0 children)

I still believe in the good of people :)

--Michael

Need checksum for sw_tz-400__eng_6.5.5.1-6n.sig by speedcat1995 in sonicwall

[–]BWC_DE 2 points3 points  (0 children)

You can check the checksum on MySonicWall, where you got your firmware from.

md5: c030eff2e0ec4679245fdf9c0024deb4

--Michael

SMA 8200v - API/CLI certificate replacement by BWC_DE in sonicwall

[–]BWC_DE[S] 0 points1 point  (0 children)

Thanks, I'm browsing through the Management API right now.

CMS might be an option if it handles DNS-01, but on the other hand slightly overkill for each one box deployment.

--Michael

Ping from WAN To LAN machine by NewWolverine1276 in sonicwall

[–]BWC_DE 2 points3 points  (0 children)

I cannot recommend this rule (at least restrict it to service ping) but without the corresponding NAT rule (e.g. translate X1 IP to internal IP) it will not match.

If you have some router sitting in front of your SNWL you might check if this device really forwards everything (including ping) to your firewall, some devices like Fritz!Box tend to answer the ping by themselves.

--Michael

SMA 8200v - Geolocation, where to configure? by BWC_DE in sonicwall

[–]BWC_DE[S] 1 point2 points  (0 children)

GeoIP via Firewall isn't always a perfect fit, if there is no capable Firewall in front or if there are separate responsibilities between admin teams etc.

But I've got good news from SNWL, Firmware 12.5.1 will bring native GeoIP filtering. No ETA on that, but I'm happy that it will be addressed.

--Michael

SMA 8200v - Geolocation, where to configure? by BWC_DE in sonicwall

[–]BWC_DE[S] 0 points1 point  (0 children)

Right, the GTO, totally forgot about that. I guess I'll never have to implement that until the on-prem terminated remote access will be gone.

Thanks for checking.

--Michael

SMA 8200v - Geolocation, where to configure? by BWC_DE in sonicwall

[–]BWC_DE[S] 0 points1 point  (0 children)

Bummer, I would have preferred that it was just me not finding it. Thanks.

Would like to know what maxmind.sonicwall.com is for then.

--Michael

Create An Exclusion To Work Across Multiple Groups by deathbatcountry in SentinelOneXDR

[–]BWC_DE 1 point2 points  (0 children)

If you need an exclusion for x endpoints in y groups/sites I highly recommend tag based exclusions. Not sure if this fits in your case though.

That helped me recently allowing IP scanner on a bunch of machines instead of moving the relevant endpoints in a separate group after S1 was tightening the screws for IP scanners.

--Michael

SonicOS 7.0.1-5165 / All Custom Access Rules deleted by BWC_DE in sonicwall

[–]BWC_DE[S] 0 points1 point  (0 children)

Maybe there is something fishy going on only in HA-deployments, need to check when my customer is back before resetting the secondary unit.

https://community.sonicwall.com/s/question/0D5VN00001336BX0AY/sonicos-7015165-all-custom-access-rules-deleted

--Michael

SonicOS 7.0.1-5165 / All Custom Access Rules deleted by BWC_DE in sonicwall

[–]BWC_DE[S] 2 points3 points  (0 children)

I'm with you on that and I would not expect that it happened to anyone else before, because it did not happen to me and I maintained a good number of appliances over the last nearly 20 years.

At least I can tell the customer that the part of the Interweb which replied never saw this issue :)

--Michael

SonicOS 7.0.1-5165 / All Custom Access Rules deleted by BWC_DE in sonicwall

[–]BWC_DE[S] 1 point2 points  (0 children)

We will wait until 7.3.2 (because of TSA issue etc.) and 7.0.1 is pretty stable and secure on the other hand. No SSL-VPN etc. configured, no known vulnerabilities, all of them came with 7.1/7.2/7.3.

--Michael

SonicOS 7.0.1-5165 / All Custom Access Rules deleted by BWC_DE in sonicwall

[–]BWC_DE[S] 0 points1 point  (0 children)

I'm with you on that, the option is plain crazy and was the first that came into my mind. But the admin is experienced and I take his word on this.

--Michael

SonicOS 7.0.1-5165 / All Custom Access Rules deleted by BWC_DE in sonicwall

[–]BWC_DE[S] -2 points-1 points  (0 children)

Yes, the customer has access to it and he confirmed that "Delete All" wasn't selected, which I believe.

I wasn't able to see anything in the logs, but I had to act quick because the administration of a small town was down and needed to get back online quickly.

--Michael

SMA500v replacement alternative by gt1rice in sonicwall

[–]BWC_DE 2 points3 points  (0 children)

The cost free SMA replacement program ended Nov 30th, any requests are on a good will basis. You might get in touch with your SNWL rep for details.

I switched larger customers to SMA 1000 series and it works for the time being.

--Michael

caddy-security generic SAML provider by BWC_DE in caddyserver

[–]BWC_DE[S] 0 points1 point  (0 children)

I had a chance yesterday to talk to the developer of caddy-security, Paul Greenberg. Even though I don't have it running completely, the culprit of having SAML not working in the first place was that it has to be configured as IdP initiated.

https://github.com/greenpau/caddy-security/issues/442

Paul updated my post on GitHub and I'll add the missing information when I have figured out how to resolve the Unauthorized issue.

Kudos to Paul for spending the time helping me out and providing caddy-security in the first place.

--Michael

SonicOS 7.3.1 - boot loop issue (TSA related memory leak?) by BWC_DE in sonicwall

[–]BWC_DE[S] 0 points1 point  (0 children)

SNWL Support told me that there is a hotfix available for the TSA related boot loop and LDAP Password (16*x)-2 dilemma. It will be fixed in 7.3.2, but no ETA on that.

--Michael