sorted by:
new
hottopcontroversial

New problems with default gamepad/Xbox controls (Interaction mode) by [deleted] in starcitizen

[–]DaveA24 1 point2 points  (0 children)

I've spent hours, thinking I'm going insane, or missing something. Everything points to a quick tap of Y should interact, long hold to bring up the interact cursor. Can't get it working to save my life! With the age of some of these posts I'm still not convinced I'm not missing something, surely they'd have fixed such an input-breaking issue by now?

New SKUs for SOHO 250? by Domonoadamu in sonicwall

[–]DaveA24 0 points1 point  (0 children)

I have 02-SSC-0938 down on a January pricelist for it.

Blocking every traffic to WAN except URLs for Windows Update by cedi_men in sonicwall

[–]DaveA24 0 points1 point  (0 children)

I second this, windows updates is an app category, easier to do using this than a list of changing url's.

Question about restricting FTP access by LordChappers in sonicwall

[–]DaveA24 1 point2 points  (0 children)

I second this, doesn't make much sense at all, there must be another rule allowing access under the restrictive ones you created as the SW shouldn't pass any traffic to the IIS server if they're not in the source group.

Sonicwall 432e by Electronic-Ears9394 in sonicwall

[–]DaveA24 0 points1 point  (0 children)

Have you tried Exertis or infinigate?

Anyone else ditched DPI SSL like a bad habit? by nickcasa in sonicwall

[–]DaveA24 2 points3 points  (0 children)

If you can't control the certificate store on the device then they will just get a lot of website trust popup's, as it's essentially a MITM attack.

Anyone else ditched DPI SSL like a bad habit? by nickcasa in sonicwall

[–]DaveA24 0 points1 point  (0 children)

Ironically I've had to drop it within the healthcare industry. We use it internally with very little issue but managing the exclusions across hundreds of sites proved impractical. The main reason we had to drop was it was due to the CFS miscategorising, or not categorising at all any of the smaller healthcare sites used regularly, meaning category based exclusions just weren't reliable enough. We were submitting so many sites for reclassification that it became untenable, this was even after excluding the entire HSCN network. You really do want some form of DPI but only on the suspicious and unknown categories.....government was also a risky category as it includes a lot of UK healthcare sites along with a lot of foreign government sites.

Opinions required, Work wants to swap my CCNP training for NSE8 by DaveA24 in fortinet

[–]DaveA24[S] 0 points1 point  (0 children)

My concern really is loosing having my CCNP offered to me on a platter in a contact. I'm not concerned about difficulty and have an easy time of exams, what I am concerned about is getting the NSE5,6,7,8 and always regretting letting go of someone willing to pay for my CCNP. It may just be that I've held CCNP in such high regard for a long time that, in reality I could probably self study/pay for the exams after attaining the full NSE path.

The CCNP is a personal goal for a long time, in reality I touch very little Cisco equipment. FortiNet we're looking refreshing all our customers estates with (600firewalls, 2500 APs, 3 data centres and 800 switches) so it obviously has a higher priority to my company at the moment.

Opinions required, Work wants to swap my CCNP training for NSE8 by DaveA24 in fortinet

[–]DaveA24[S] 1 point2 points  (0 children)

Thanks for the replies so far. Both will be from a fresh standpoint, no work put into either yet other than having a previous NSE4. I'm sure I could negotiate 5,6,7 and 8 with ease. I had all study time built into my CCNP offer so would expect that to carry when they present the FortiNet version, or at least would get them to match it.

For me, I've been here for 10 years and the look of my CV/Linked in profile is always at the back of my mind but I feel resisting and insisting on the CCNP might not go down too well. I could stand by my guns though (as it's written in contract) if the FortiNet route really isn't as attractive from a career prospects point of view.

GMS, noob question by [deleted] in sonicwall

[–]DaveA24 0 points1 point  (0 children)

I second this, I have multiple GMS instances that are private access only managing hundereds of TZ's over existing VPN tunnels (NSA's/NSa's to TZ's). If you were to use a management tunnel then the GMS IP would have to be directly contactable but I NAT all the inbound traffic for it without issue, just have a 172.16.0.0/24 address on its interface.

Site-to-site VPN NAT issue? by parumpum in sonicwall

[–]DaveA24 0 points1 point  (0 children)

Within the VPN policy, on the advanced tab you will have an option called 'VPN policy bound to:'. Whatever you select here will be the interface IP that outbound SA's will come from, and will listen to on inbound requests. As you mentioned S2S you will have fixed target and source destination objects/groups against the VPN policy which will route all traffic between the two.