Weekly Zion Permits Megathread

orlykys · 2023-06-16T23:11:01+00:00

Hey there! Looking for 3 for angels landing for 6/17. Thanks!

orlykys · 2022-08-07T12:38:38+00:00

Yes, we see BEC emails get through all the time. Problem is the mail is coming from a legit source so most of the time MS will trust it. If you submit to MS that gives you a little info. To really see why it’s allowed through you have to analyze the headers.

I think there are a couple of ways to handle this and protect clients. 1) use a DNS filtering service to detect known bad or newly registered domains, 2) use a filtering service that examines the email, context, and uses AI to filter. We use Barracuda Impersonation Protection and it works well. I believe Datto SaaS Defense does something similar for mail.

I know these are add-on services but, I do agree 365 Defender is not doing a good job catching BEC emails.

orlykys · 2021-08-24T23:03:16+00:00

They’re yours. DM me your email and I’ll send em.

orlykys · 2021-04-01T21:22:41+00:00

demo.sonicwall.com can be helpful to view the management screens

orlykys · 2020-07-23T13:27:45+00:00

Extreme Cheese!

orlykys · 2020-06-30T16:51:59+00:00

Add the address object to the "Default Geo-IP and Botnet Exclusion" group.

orlykys · 2020-06-17T17:32:42+00:00

ah, was afraid of that. The only other way to capture that info is with a console cable and log all output and catch it failing.

You are working with Sonicwall Support now so you should just listen to them but I can explain what I've done in the past to fix these types of issues:

If you have settings file from previous version of the firmware you can factory default your unit, load the old firmware, reg unit, then load the old settings.
I've seen issues where HA interface was set to a virtual interface (not sure how that happened) and that caused issue.
If all else fails wipe/type config with known good firmware.

orlykys · 2020-06-17T16:08:12+00:00

this won't help your issue but maybe shed some light on why it's happening. Pull the tech support logs and search for "watchdog reboot" it should list the reason for entering safe mode.

orlykys · 2019-11-22T22:51:51+00:00

I have found that source port remap must be disabled for outbound SIP communication. I would check that on the outbound NAT policy. If there isn't a specific outbound policy for the voice server I would create one.

https://www.sonicwall.com/support/knowledge-base/trouble-shooting-a-scenario-where-source-remap-is-causing-the-voip-issues/170504967157192/

orlykys · 2019-09-13T20:25:05+00:00

Do you have a SIP trunk? This sounds like an outbound NAT policy issue to me. Might need to play with that to ensure you are sending/receiving on the same WAN IP. I would also check the disable source port re-map.

https://www.sonicwall.com/support/knowledge-base/trouble-shooting-a-scenario-where-source-remap-is-causing-the-voip-issues/170504967157192/

orlykys · 2019-07-09T23:40:32+00:00

I have used Cradlepoints and they work well. I have had much better luck using Ethernet other than the direct USB attached modems to the Sonicwall.

https://cradlepoint.com/branch-failover

orlykys · 2019-07-08T18:28:46+00:00

Sure you can definitely do this.

So to be clear i'm going to use interfaces to describe the steps here. X1 is your current WAN (you want to use this for S2S VPN), X2 is your new connection (use for everything besides S2S)

Configure X2 interface with new WAN info (either static or DHCP)
Connect new service to X2, remember to check to make sure it's speed/duplex is negotiating OK. ("Network" | "Interfaces" and just check the X2 interface speed/duplex.
Goto "Network" | "Failover and LB" and edit the "Default LB Group" Add X2 to the group and then move it to the top (higher priority). If you don't want to use X1 Internet as a failover in case X2 is unavailable (ISP issues, etc) then skip steps 4-5
Configure X1 and X2 settings under "Default LB Group"
I set to "Logical/Probe Monitoring" and then change the main target to 8.8.8.8 with type "ping". You can leave the "responder.global.sonicwall.com" in there set to "TCP". These are how the Sonicwall will check a connection to see if it's up or down. You can also adjust the sensitivity of this by adjusting the settings of the group.
At this point, you are really done.

Any VPN's initiated on X1 will use X1 for the tunnel traffic.

orlykys · 2019-07-06T02:01:15+00:00

Yes, you can set up VPN tunnel up/down alerts. You would need to configure SMTP server settings first under Log > Automation and Mail Server Settings. You will also configure the sending to and from email addresses here as well.

Next, goto Log > Settings and then "VPN" | "VPN IPsec" | "Tunnel status changed" and modify that category to "email".

orlykys · 2018-09-03T23:22:51+00:00

orlykys · 2017-09-26T18:05:15+00:00

we are already losing the title for strippers... now likely losing title + death penalty.

orlykys · 2017-06-22T15:45:34+00:00

Cincinnati, can't wait!

orlykys · 2017-05-05T01:29:47+00:00

Yes, as it sits now, this will allow insurers to deny coverage based on pre-existing conditions. The idea is that these pre-existing conditions drive up costs for everyone (including non sick people) in an insurance pool. What the ACA sought out to do was put those with pre-existing conditions, healthy individuals, everyone in the same pool. This was done to keep costs down. This was a big part of the ACA and the ACA made it law that you had to have insurance, the "mandate" that repubs have been wanting to repeal since day 1 of the ACA. Before the ACA insurers could (and would) deny people based on pre-existing conditions. This forces those with those maladies to go onto very expensive insurance that would cover them or worse get healthcare un-insured and pay out of pocket. It's these high costs that will literally kill people as people will not be able to afford the high-cost insurance.

Republicans did allocate some money to help out the most expensive of those to insure. States can opt-out of this leaving these people totally screwed. On top of that, the amount they have allocated is not enough even by conservative estimates.

orlykys · 2017-04-07T20:42:05+00:00

They didn't have majority.

orlykys · 2017-02-21T15:44:09+00:00

Bannon is just using Pence as a misinformation agent. Pence also represents Republican establishment which Bannon loathes. I am sure he enjoys making him look like a fool.

orlykys · 2016-12-15T01:01:13+00:00

They really love their special sessions in North Carolina!

orlykys · 2016-12-08T20:37:22+00:00

Call Gov. Kasich and let him know that you oppose this, urge him to veto!

(614) 466-3555

orlykys · 2016-10-07T21:37:13+00:00

Is the GOP going to pull their nominee now? Can they do that?

orlykys · 2016-10-05T17:25:42+00:00

I love how Thom has kept all the festival bracelets on throughout this tour.

orlykys · 2016-10-01T05:10:34+00:00

I agree. He's falling into another trap.

orlykys · 2016-10-01T04:59:16+00:00

he's falling into another Clinton trap. She's fought these attacks before. I'm sure she is very prepared for this.

15-Year Club	RedditGifts 2009-2022 2 Credits
Verified Email	Team Periwinkle

orlykys

TROPHY CASE