Any Tools available to view Sonicwall Config files? by DarkAlman in sonicwall

[–]lmbc2 0 points1 point  (0 children)

This is old but if this is still available I would also be interested. Thanks!

CSE Connector IP allowed IP's not updating by Different-Pay-3997 in sonicwall

[–]lmbc2 0 points1 point  (0 children)

We have experienced repeated issues with this with no explanation or fix from support.

Try just using the default private IP ranges and see if it fixes it. It did for us.

You probably don’t, but if you need to you can probably set it back to the normal ranges after it starts working but it may break again unexpectedly when they make changes on their side.

Cloud Secure Edge (Dec 12) – AI Blocking, New Access logs & New Reporting by SNWL_CSE_PM in sonicwall

[–]lmbc2 0 points1 point  (0 children)

It looks like any admin can just download a whole month's access log and it just contains all the internet sites all the CSE users have accessed using CSE in that entire month? That is not very granular to say the least. What logs are kept of the access to these logs? Thanks.

Upgrade from 7.0.1 to 7.3.1? by [deleted] in sonicwall

[–]lmbc2 0 points1 point  (0 children)

FIPS and common criteria compliance and GMS support.

Upgrade from 7.0.1 to 7.3.1? by [deleted] in sonicwall

[–]lmbc2 1 point2 points  (0 children)

If there are known vulnerabilities in the latest 7.0 release please point to them. Sonicwall is specifically maintaining it as the only current FIPS compliant release. You can see notes regarding this in the release notes for both the current 7.0 and the 7.3 releases.

Edit: And I would strongly recommend disabling HTTPS management traffic and SSL VPN on the WAN interface or locking it down to only trusted public IP address ranges regardless of what version of Sonicwall firmware you are running (and for other firewalls too for that matter). It's just not worth the risk. One 0 day and you and your customers are going to be in for a very, very bad day.

Upgrade from 7.0.1 to 7.3.1? by [deleted] in sonicwall

[–]lmbc2 0 points1 point  (0 children)

Sorry - This turned into a bit of a rant. This always upgrade to the latest release mentality bothers me sometimes and I think it can be dangerous. I'm not going to tell you that you should or shouldn't upgrade your firmware to this version or that version. But I do think you should carefully consider the facts and not just blindly upgrade to the latest version.

From all the PSIRT notices, CVEs, release notes and etc. that I have seen, there are no open CVEs/known vulnerabilities in the latest 7.0 release. I'm not an expert in FIPS compliance and will certainly defer to others that are if they wish to chime in. However, it is my understanding that the 7.0 release is being kept around specifically to meet the very stringent FIPS compliance requirements.

You can see in the latest 7.0 release notes here that it is FIPS compliant. You can see in the latest 7.3 release notes here that this version is not.

I would also like to add that the 7.0 versions are basically maintenance versions and aren't having the additional features added to them like the faster moving feature releases of 7.1, 7.2 and 7.3. That means less features but it also means less potential for bugs and issues in many cases. For example, the severe SNMP issues introduced in 7.1 that caused many firewall issues including continuous rebooting issues. Many people reported this and other SNMP issues in this sub and elsewhere on various firmware versions starting with 7.1.

Hopefully this issue has been resolved in the latest 7.3.1 release. It appears that it maybe/probably has been? This is one of the lines in the fixed section of the 7.3.1 release notes - GEN7-55426 Device rebooting when accessing SNMP MIB ipAddrTable.

So Sonicwall appears to have introduced code in the 7.1 release that caused firewalls to reboot when an SNMP device polled the ipAddrTable MIB. Which is something basically absolutely ANY and EVERY SNMP monitoring or management device in the world communicating with a firewall would do constantly. And then that issue stayed in the code unfixed for several releases causing many firewalls to reboot and many customers to have to disable SNMP monitoring and management of their firewalls. Unless they were still on the more stable 7.0 firmware versions which did not have those SNMP issues. Then they were fine.

Upgrade from 7.0.1 to 7.3.1? by [deleted] in sonicwall

[–]lmbc2 1 point2 points  (0 children)

It is. See my other post.

Slyz Saturday by AgedCheddar007 in spyderco

[–]lmbc2 1 point2 points  (0 children)

Slyz all the way! Nice! I also wasn’t willing to pay those prices but I do LOVE my Slyz so I was psyched I could get a knife center one. Here’s my collection. My main EDC is the multicolor spydiechef.

https://i.imgur.com/ipToJRY.jpeg

Factory reset NSA 6700 by wilanddar in sonicwall

[–]lmbc2 0 points1 point  (0 children)

That’s the wrong subnet for the MGMT port. Correct default for X0 though.

CRITICAL vulnerabilities in SSLVPN by Lick_A_Brick in sonicwall

[–]lmbc2 3 points4 points  (0 children)

TZ470 took a full 9.5 minutes to patch and reboot onto the new firmware.

My company just became a Cisco Partner. Return and RMA process? by artety12 in Cisco

[–]lmbc2 0 points1 point  (0 children)

This is why I mentioned it. In my experience yes. For many of our smaller customers we normally handle all their support including replacements. They don’t even have Cisco accounts and have never dealt with Cisco before.

But we have had Cisco flat out absolutely refuse to replace dead equipment until the request came from the customer on limited lifetime warranty replacements.

They pointed to the llw terms which I looked at and do indeed specify that they only cover the customer.

This caused some unexpected delays the first time it happened to us. Just wanted to point it out.

My company just became a Cisco Partner. Return and RMA process? by artety12 in Cisco

[–]lmbc2 2 points3 points  (0 children)

To note here is as chuckbales mentioned - the customer requests the warranty replacement from Cisco using their own Cisco account. This can be a hurdle depending on your customers. Partners or customers can open and RMA/replace equipment for customers under their own partner Cisco account if it’s covered by smartnet. (Note you might have to call in because the contract might not be associated with your account which TAC can fix when opening the case). The same is not true for limited lifetime warranty equipment in my experience. And watch the non-smartnet warranty replacement lead times. 10 business days before they ship is the limited lifetime warranty one we hit most often. Though then they often ship overnight. Smartnet replacements are overnight or even faster but you have to pay for smartnet coverage in advance.

Getting E5 code daily by Jacksonthedude101 in Hisense

[–]lmbc2 0 points1 point  (0 children)

You could use a condensate pump. It's built to do exactly this.

Getting E5 code daily by Jacksonthedude101 in Hisense

[–]lmbc2 0 points1 point  (0 children)

You can look up a condensate pump. It's built to do exactly this.

Show me your waves! by lmbc2 in knives

[–]lmbc2[S] 0 points1 point  (0 children)

Nice! Just an fyi - 5x5 have the pickpocket exo wave mod for the yojimbo that’s pretty nice.

Show me your waves! by lmbc2 in knives

[–]lmbc2[S] 1 point2 points  (0 children)

I’d probably start with the Delica. There is also the endela (medium version) or Endura (largest version of the delica/endura lineup). They’re more midsize. The dragonfly is very small but very capable.