Quantcast
Channel: Secure Mobile Access - Recent Threads
Viewing all 93 articles
Browse latest View live

SMA 400

March 30, 2016, 10:19 am
$
0
0

Info regarding SMA 400 not clear on website.  After several calls, SMA 400 is a few months old and is the newer technology.  So far no demo or user manual available for this new SMA 400.

Here are my questions:

Licensing: Comparison sheet states it comes with 25 licenses.  Is this GVPN or SSL/VPN(Netextender licenses)?  

Security: How do I prevent viruses/malware from home/user devices from accessing my network when using Netextender?

Reporting:  We are testing users for "TELECOMMUTING".  Does the SMA 400 come with email reporting weekly so I can see who has access, how long they have accessed and how much bandwidth used?

Networking:  Is it best to install this product on the LAN side or DMZ?

Best Practice:  After speaking with a person in sales, he stated that the GVPN client does not support MAC/mobile etc and to use Netextender instead. Does anyone have a "best practice" guide to support/secure the end telecommuting user with NetExtender?

Search

Dell Community Site Maintenance.

April 6, 2016, 10:17 am
$
0
0

The Dell Community team will be performing site maintenance starting on Wednesday, April 6th, 2016 at 8:30 PM CST until Thursday, April 7th, 2016 at 8:30 AM CST. During this time the site will be set to read-only. You will not be able to log in to the community.

 

Thank you for your patience.

Sonicwall SMA series

April 11, 2016, 5:27 am
$
0
0

Hi,

Do i get lync reverse Proxy Support with new SMA devices?

NetExtender error Error: Fail to DecryptData, ClientHandshakeLoop fail in hand shake

April 28, 2016, 6:47 pm
$
0
0

I'm getting errors when using netExtender 8.0.238 connecting to an NSA 240 with SonicOS Enhanced 5.9.1.5 . The log is recording the following:

2016/04/28 19:29:42, NetExtender Core: Proc-0x7C04:Thr-0x5114: Info: Received DRIVER_EVENT_RING

2016/04/28 19:29:42, NetExtender Core: Proc-0x7C04:Thr-0x5114: Info: _ssloutgoing_handle_thread_func, Thread ID = 0x1CDC, Thread Handle = 0x6F8

2016/04/28 19:29:42, NetExtender Core: Proc-0x7C04:Thr-0x5114: Info: _sslincoming_handle_thread_func, Thread ID = 0x564C, Thread Handle = 0x6FC

2016/04/28 19:29:42, NetExtender Core: Proc-0x7C04:Thr-0x564C: Error: Fail to DecryptData, ClientHandshakeLoop fail in hand shake, error: -2146893048

2016/04/28 19:29:42, NetExtender Core: Proc-0x7C04:Thr-0x564C: Status update: statCode = 0x6000308, stepData = 0

2016/04/28 19:29:42, NetExtender Core: Proc-0x7C04:Thr-0x564C: Error: Failed in Decrypt data! Error code = -2146893048

2016/04/28 19:29:42, NetExtender Core: Proc-0x7C04:Thr-0x564C: Info: Channel Closed

2016/04/28 19:29:42, NetExtender Core: Proc-0x7C04:Thr-0x564C: Info: Exiting thread _sslincoming_handle_thread_func

2016/04/28 19:29:42, NetExtender Core: Proc-0x7C04:Thr-0x6940: Info: Inside RasDialFunc1, rascs = 2, dwError = 651

2016/04/28 19:29:43, Receive SvcMsg : 261, wParam = 1, lParam = 0, content length = 0
2016/04/28 19:29:43, NetExtender Core: Proc-0x7C04:Thr-0x7764: Status update: statCode = 0x3000600, stepData = 0

2016/04/28 19:29:43, NetExtender Core: Proc-0x7C04:Thr-0x7764: Info: Attempting RAS Hang Up

2016/04/28 19:29:43, NetExtender Core: Proc-0x7C04:Thr-0x7764: Info: call into RasHangUp().

2016/04/28 19:29:43, NetExtender Core: Proc-0x7C04:Thr-0x7764: Info: RasHangUp() return 668.

2016/04/28 19:29:43, NetExtender Core: Proc-0x7C04:Thr-0x7764: Info: RasGetConnectStatus() return 6.

2016/04/28 19:29:43, NetExtender Core: Proc-0x7C04:Thr-0x7764: Info: RAS Hung Up

2016/04/28 19:29:43, NetExtender Core: Proc-0x7C04:Thr-0x7764: Info: Channel Closed

Help please!

SRA virtual - File Shares - Internal server error

May 19, 2016, 4:24 am
$
0
0

Hi,

for an unknown reason, the file shares bookmarks stopped working. We had firmware 8.1.0.2 running for a while and upgraded to 8.1.0.3. But neither 8.1.0.2 or 8.1.0.3 is working right now. No changes on the firewall, no dropped packets, etc.

I tried to establish a file share to a Windows 2008 R2 server and a Synology NAS without luck.

The log reports two messages:

- Network File Share - Invalid or restricted access
- and just the number 16

We had a similar problem in the past (going from 7.5 to 8.0) and it was related to the server name format, currently we have //192.168.x.y/public/ but tried with backslashes as well. No matter what, the HTML5 file share window just shows "internal server error". Even no authentication pops up.

Before I open up a ticket I was thinking asking my fellow forum members if someone struggled about this as well.

---UPDATE---

I did a packet capture between SRA and NAS and the SRA is getting the list of all directories on the requested file share, but not showing them, instead showing internal server error.

Thanks in advance.

--Michael

Deploy NetExtender NACagent / EPC agent silently

June 7, 2016, 12:22 am
$
0
0

Is there any way to download an installation package for the EPC agent?
We would like to be able to deploy the plugin so that users do not need to install this at first connection.
Can I download the plugin directly from the SRA?


NetExtender silent deployment is no problem.

Mobile Connect on iOS and macOS not using DNS

July 16, 2016, 3:43 am
$
0
0

Hi,

I found some older post about MobileConnect connecting to NSA on iOS and macOS not using the DNS for resolving local names.

This seems to be also valid for SMA 100/SRA SMB 8.5 and the latest MobileConnect 4.x.

On Windows 10 it works as announced, all DNS requests for mydomain.local get forwarded to the specified DNS, but not on iOS and macOS.

Did anyone got a solution for this, or is it a known limitation?

--Michael

SMA 11.4 - SSO Outlook Web Access 2013 not working

July 21, 2016, 2:47 am
$
0
0

Hi,

I'am currently struggling with SSO to automatically log into OWA 2013. The form fields do not get populated.

Authentication on the SMA via AD is working, Exchange resource is defined (web profile and SSO profile) but I'am stuck at the OWA login screen. The crazy thing is that it was working once, but not any longer.

It seems that the SSO profile (which is separated from the web profile) does not get triggered.

Any help highly appreciated, but I'll also fire up a service request.

--Michael

Search

Upgrade from SRA 4200 to SMA 400 breaks JAVA RDP Bookmarks

August 1, 2016, 4:11 am
$
0
0

We purchased new SMA 400s to replace our SRA 4200s. I exported the configuration of the SRA 4200 running firmware 8.0.0.5 and imported the configuration into the SMA400 running 8.1.0.2. I then upgraded the SMA 400 to the latest version 8.5.0.0-13sv. All settings were imported the only problem I have is that Java RDP Bookmark are not working anymore. When the bookmark is opened you need to confirm the opening of the Java applet 3 times and when you expect to see the mstsc client connecting to 127.0.0.2 you instead get a java error: "Connection Failed".

In the (RemoteDesktopServices-RdpCoreTS) event log the following RDP error is logged:

* The server accepted a new TCP connection from client w.x.y.x:123345

* Connection RDP-Tcp#47 created

* PerfCounter session started with instance ID 47

* RDP_TCP: An error was encountered when transitioning from StatePreparingX224CC in response to Event_ERROR_SendingX224CC (error code 0x0).

* The server has terminated main RDP connection with the client.

When I try to open the same bookmark on the SRA 4200 connecting to the same terminal server everything works without problems. The Terminal Server is a Server 2012 R2 running RD services.

I cannot use HTML5 bookmarks because the client can only use Java bookmarks.

I also noticed another problem on both SRA and SMA. If you disable TLS1.0 on the Terminal Server and try to connect using HTML5 RDP bookmark the SSLVPN service on the SRA/SMA either crashes or does not respond anymore so you have to restart the appliance.

Custom SSO Credentials not working in 8.1

August 10, 2016, 8:56 am
$
0
0

All,

I recently upgraded to 8.1.0.2-14sv from 7.5 and in the process my custom credentials for RDP connections have broken. I thought it worth noting here in case others have the same experience.

I have an SRA domain name which uses radius authentication and for years I've been using an RDP ActiveX bookmark for my users with Custom login credentials..

Username: %USERNAME%

Password:[nothing entered here]

Domain : [My active directory domain which is different from SRA domain name]

After the update to 8.1, my users were prompted to enter their credentials into the RDP client whereas previously the credentials were passed without issue.

After a long running support ticket, Dell have declared that it was a bug that previously allowed this to work. The only way around this now is to match the SRA domain name to the Active Directory Domain name. This seems a bit odd to me given the description in the admin guide and the fact it used to work. The only purpose of the custom SSO credentials now is where username, password and domain are fixed which is a bit limited in terms of usefulness.

Regards, Graeme

Here's the relevant excerpt from the Admin guide.

"Creating Bookmarks with Custom SSO Credentials

The administrator can configure custom Single Sign On (SSO) credentials for each user, group, or globally in HTTP(S), RDP (Java, ActiveX, VNC), File Shares (CIFS), and FTP bookmarks. This feature is used to access resources such as HTTP, RDP and FTP servers that need a domain prefix for SSO authentication. Users can log in to the SMA/SRA appliance as username, and click a customized bookmark to access a server with domain\username. Either straight textual parameters or dynamic variables might be used for the Username and Domain. For the Password field, enter the custom password to be passed, or leave the field blank to pass the current user’s password to the bookmark."

 https://documents.software.dell.com/sonicwall-sma-100-series/8.1/administration-guide/configuring-users-logs/users-configuration/users-local-users/editing-user-settings/adding-or-editing-user-bookmarks?ParentProduct=868#2562598

Dual VPNs? SonicWall & Windows Server?

July 7, 2015, 1:19 pm
$
0
0

We were using Sonicwall Global VPN and for easy of use and setup, we want to be able to use the standard Windows VPN.  Can both be used or does the firewall have to be setup for one or the other.  I setup the NAT for PPTP service between public and our internal Windows 2012 Server but I'm getting error 800 on the Windows VPN  and the SonicWall log is showing IKEv2 VPN Policy not found.

Top 5 Recommended Secure Remote Access (SRA) -- July13, 2015

July 17, 2015, 9:39 am
$
0
0

Please find below Support's Top 5 Recommended Mobile Security articles for the week of July 13, 2015!

1.  Is Windows XP supported for SRA or Net Extender? Information on support For Windows XP

2. Why does Net Extender not work on my MAC? Information on support for net Extender on MAC 

3. Configuring a Terminal Server Farm bookmark. Steps for configuring a Terminal Server Farm bookmark

4.  Leap Second Adjustment  This document answers the question whether Sonicwall products are affected by Leap Second Adjustment on 30th June 2015

5.  How can I turn off TLS 1.0 or 1.1 on my SRA appliance? New feature available in 8.0.0.3 for new PCI compliance constraints on TLS

Do not forget to check back for updated Support Recommended articles weekly.
Search thousands of Knowledge Base articles online on the Support Portal

SRA EX6000 users without default gateway

July 22, 2015, 6:22 am
$
0
0

I have a Sonicwall SRA EX6000 appliance and I set up the version 11.2.0-258, my clients are set up in version 11.20.258.

After this upgrade, in Aventail connect, users are connected in total access but they have multiple problems:

- they don't recover a default gateway

- they can't ping nothing (Internet or servers into the LAN) and don't have access to Internet or internal applications

- no flow are seen on the firewall and no connexions are seen on the appliance Aventail

And on the web portal, when users click on a link, the following message appear: error 400 bad request.

Have you any idea?

Sonicwall SRA 1600 Connection Issue

July 22, 2015, 7:20 am
$
0
0

I have a quick question that I'm hoping someone may be able to help with.

The last 3-4weeks I have been having an issues where the Net-extender stops working. It will say the connection is interrupted.  In order to resolve this I need to restart the VPN appliance.


I have a SRA 1600 with SonicOS SSL-VPN 7.5.0.15-35sv firmware.   Is this just a known issue with this firmware version?


It is manageable right now with just a restart as it happens once every week and a half or so. I'm just curious if anyone has run into this before.

Thanks

Can't acces network with netextender

July 27, 2015, 12:53 am
$
0
0

Hi all!

Thanks in advance for thinking with me! I'm having some trouble setting up netextender with my TZ100 router. 

I used the guide on:
https://support.software.dell.com/kb/sw10657

When logging in from remote, i do get an ip adres from my DHCP server, in the range i located. 

I can't acces my devices on the network. So i get the Ip adres, 192.168.12.150, but can't acces 192.168.12.200. 

I'm sure this device is online, since my port forward is working. 

Somebody some tips?

Search

Windows 10 Edge vs. HTML5 RDP

August 1, 2015, 5:11 am
$
0
0

We just upgraded a test SRA4200 and the mouse doesn't present on the HTML5 RDP sessions in the new Windows 10 Edge browser.  You can see where the mouse it hovering over certain parts of the RDP session, but there is no pointer.

We have tested this in 8.0.0.1 and just now in 8.0.0.3 on a couple different machines.

SRA 8.0.0.3 doesn't pass the SSLLabs test as it does on 8.0.0.1.

August 3, 2015, 6:23 am
$
0
0

We can only get a B grade on an SRA4200 running v8.0.0.3 using SSLLabs.com SSL tester.  With the identical setup on an SRA4600 running v8.0.0.1, we get an A.  I have attached a PDF of the scan results with detail.

HTML5 RDP warning...

August 4, 2015, 5:41 am
$
0
0

Is there a way to hide the "The remote computer could not be authenticated.....Do you want to continue?" message that pops up when connecting to an HTML5 RDP session using NLA on Windows 7?

Top 5 Recommended Secure Remote Access (SRA) -- Aug 3rd, 2015

August 6, 2015, 2:29 pm
$
0
0

Please find below Support's Top 5 Recommended Mobile Security articles for the week of Aug 3rd, 2015!

1. Why are Net Extender or Active X bookmarks not launching from the SRA Portal? Information on Windows 10 support

2. Java CIFS bookmark wont allow transfer to local filesystem on MAC Known issue on Mac.

3.  Is Windows XP supported for SRA or Net Extender? Support information for XP

4.  Why does Net Extender not work on my MAC? Support information for MAC Net Extender

5.   Configuring a Terminal Server Farm bookmark. Steps for configuration.

Do not forget to check back for updated Support Recommended articles weekly.
Search thousands of Knowledge Base articles online on the Support Portal

SonicWall Mobile Connect Version 3.1.6 (316) OS X Yosemite 10.10.4

August 9, 2015, 2:37 am
$
0
0

My Macbook Pro lets me connect ok when it has as Thunderbolt/Ethernet cable attached but when I try and connect using Wifi only it fails to establish a connection and does not provide any help regarding the reason. The wifi connection works perfectly.

Any ideas welcome.

Dave

Viewing all 93 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>