I have a SonicPoint aci with 2.4 and 5.0 radios. A VAP is defined with SSID "A". This VAP is assigned to both VAP group "Group.5.0" and "Group.2.4". The SonicPoint's "Radio 0 Virtual AP Group:" is set to "Group.5.0" and the "Radio 1 Virtual AP Group:" is set to "Group.2.4". My question is: When a client which is capable of using both radios associates with SSID "A", how is it determined which radio will be chosen? On some devices I see it connecting to the 2.4 and on others to the 5.0.
↧
Radio selection when SonicPoint radios share common VAPs.
↧
SonicWALL mobile connect iOS - callback URL issue
Hi,
I'm trying to make connect command URL with callback URL back to my app but for some reason it gives me an alert:
When trying myapptoopen:// from Safari it asks me to open my app. I can open that URL from other apps and it will launch my app.
When providing URL to a webpage in callback URL it works flawlessly.
As specified in the SonicWALL mobile connect user guide, value of callbackurl parameter is URL encoded.
"The URL value of callbackurl must be properly URL encoded to ensure that Mobile Connect can process the callback URL correctly. All appropriate characters in values of parameters used in URLs are required to be URL encoded. For instance, to match a space, enter %20."
This is how connection command URL looks like:
mobileconnect://connect?name=test&server=test-server&username=test&password=test&domain=development.local&connect=1&callbackurl=myapptoopen%3A%2F%2F
What am I missing? What's wrong with my connection URL?
Thank you,
Najdan Tomic
↧
↧
Microsoft RemoteApp no longer works after upgrade to Dell SMA 11.4
We've been using Aventail/Dell SMA for years. We pretty much left the system at 10.6.4 firmware for a long time because it was stable for us at that point. However, with windows 10 and other newer technologies and requirments now being an issue we were forced to upgrade to the latest version (11.4). After doing so - none of the MS RemoteApp links that we offer users through the workplace portal work. Rather than opening the application, it logs the user into the server desktop. In 99% of the cases it's just a blank desktop. In 1 or 2 places there is an icon for the app there and the users will click it and run their app. But that is not expected nor desired behavior. Does anyone know what we need to do to get the remoteapps to work with version 11.4?
I have an open ticket with Sonicwall but as for now they've been a huge dissapointment.
↧
no longer able to locate or download Mobile Connect from Mac App Store on OSX
Under Mac OSX, where do I now direct users to locate and download their Mobile Connect app?
When I now search the App Store, I get no results. I've searched for Sonicwall, Sonicwall Mobile Connect, Dell, etc. All return no results.
Help
↧
Chromebook domain settings file for Mobile Connect?
We are a Google Apps customer and just received 10 Chromebooks we purchased from Dell. We'd like to include the SonicWALL Mobile Connect client as one of the force-installed apps handed out by our domain policy. This works great but, it looks like we can also include a Settings file and there is no documentation of what sort of file is expected.
Has anyone created and used a settings file to pre-configure a connection with the Mobile Connect client? Can anyone tell me or point me towards an explanation of what type/format of file is expected?
Thank you!
↧
↧
Connecting Linux to a SonicWall VPN
Hello,
Apparently there was once a download link for a Linux version of the VPN client - I'm told it used to be here:
https://sslvpn.demo.sonicwall.com/cgi-bin/welcome
Is there a way people can still get this client? Or are there alternative ways of connecting? I'm running Ubuntu 16.04.
↧
SonicPoint clients get garbage IP address
SonicPoint N's, managed by a SonicWall NSA4500 which is acting as DHCP server for the wireless VLANs. We use multiple Virutal Access Points - some for employee use with WPA2-AUTO-EAP for authentication, some guest VAPs using a PSK.
When I look at the Station Status under "SonicPoints" on the management page, I often see some (but not all) clients connected to the employee VAPs, but with IP addresses in a useless range. That is, connected to the same virtual access point on the same SonicPoint, I'll see a client with a proper address from the DHCP server, and also a client with an address like 0.40.61.70 - which is not in scope, and not routable on our WAN.
Any idea where the *** that is coming from?
↧
SSLVPN Client Return IP Path
Hello,
Here is a question I have searched high and low to answer and cannot find any helpful information that actually solves the issue or much less leads me in the right direction. I am employed with a government agency that wishes to use mobile data terminals to communicate information back and forth to a centralized server. I set up a SSLVPN connection on our SonicWall for those MDT's and created users with appropriate privileges to communicate directly with the host server on our internal LAN. Good news is I can connect and interact with the server fine, even share and move files and run LAN based software, but the specific program running on the server needs to communicate using the same return path IP Address the client computer. (i.e. the server knows I connected to it using 192.168.1.150, but when I ping that address I loose all packets.)
From the client computer I can ping the internal IP of the server and get no lost packets. However from the server I cannot locate the client IP anywhere. I have made sure that the client IP's are not within the range of the DHCP IP's in the router and I have also made sure no other static IP's on the network are conflicting. I am not and IT engineer, I am simply an employee attempting to make it happen for my agency. Is SSLVPN even capable of what I need it to do here? I have checked firewall settings, attempted NAT Policies, address object and I just can't figure this one out. I can obviously ping the public IP address of the MDT from the server computer but the software is just not flexible enough to receive on one IP, yet send to a separate one for the same MDT.
Any thoughts? Thanks for the help.
↧
In need of a replacement for SRA 4600
Hi
We have a couple of SRA 4600 and now all of our resellers tell me that the product is no longer available.
I've asked the sale and support team about this and they could not recommend any units to replace our SRA 4600.
Dose anyone in the Forum recommend a replacement module for the SRA 4600?
Thanks in advance
↧
↧
SMA 8200v Virtual Appliance RDP BUG - Multiple values
I've just upgraded my SMA 8200v Virtual Appliance from 11.4 to 12.0 (12.0.0-064) and I am not be able to list all RDP connections, but only the last one from the list.
11.4:
PC1
PC2
PC3
PC4
12.0:
PC4
On 11.4 version everything was fine. Can you help me with that?
↧
Deployment for SMA 500v?
Hi All,
I'm new to SonicWALL and I'm testing a virtual SMA 500v appliance. So far everything is working well but I'm in testing directly on my LAN with a single interface. I can't seem to find any best practice deployment guides to help me determine how my final setup should be. I was thinking of putting the X0 interface with a Public IP and the X1 interface on my LAN but I'm worried that might put me at risk. I am I better in a DMZ scenario or perhaps just leaving it as is and doing a port forward from my Firewall to the LAN X0 interface as I have I configured now?
Scenario 1: - SIMPLE
X0 - WAN
X1 - LAN
Scenario 2: - SIMPLE
Port forward 443 on my FW to SMA LAN address
Scenario3: - COMPLEX
Setup a DMZ on my FW
X0 with a DMZ address
X1 with a LAN address
Port forward 443 on my FW to the SMA DMZ address
What would be the security risks with Scenario 1 and 2 vs 3?
↧
sonicwall tz400 ssl vpn compatible with openvpn client?
From what I understand the sonicwall tz 400 ssl vpn client doesn't work with windows xp and vista with the newest iterations. In place of that, I would like to use a standardized client such as openvpn to connect to the tz400. I have successfully used an openvpn client to connect to ssl vpn of a variety of other firewall brands. Does anyone know if the tz 400 would work with a openvpn client?
openvpn.net
↧
Firewall switchover, VPN tunnel, DHCP problem
Replacing three TZ215 firewalls with TZ300s at three identical small offices. They do site-to-site VPN back to our central office NSA4500; they are set up with IP helper back through the VPN tunnel to a Microsoft DHCP server at the central office. Has worked great with TZ215s for years.
One change in the WAN structure is, I am renumbering two of the three sites to simplify some routing.
So - I configure one of the new TZ300s, configure a new DHCP scope for it to talk to, and the VPN tunnel comes alive and my test clients get addresses through the tunnel. Beautiful. I export that config, import it to the second TZ300, change the internal LAN address and the VPN config, Tunnel comes up, clients get addresses from another new DHCP scope just as they should.
Third new firewall; network doesn't need a renumbering, so after I import the saved configuration and reconfigure the internal LAN and the VPN config, I take the old VPN tunnel down temporarily; only then do I bring this one up. The tunnel comes up, and if I connect a PC with a static IP to the new firewall, it works just fine - but the IP helper does not work. I get useless auto-configure addresses. Even though there's a scope in place it should talk to (and all other traffic goes through), it doesn't work.
When I create a new test DHCP scope and LAN subnet for that VPN tunnel, it works. So - I'm certain it's not the TZ300 config or a problem with the VPN tunnel. For some reason, the DHCP server doesn't respond to the request for DHCP when I switch to the new VPN tunnel. I've tried various combinations of restarting the firewall and the PC, with no luck. Tried restarting the DHCP service; no luck with that either.
DHCP logs don't show any clients' requests being rejected, so it seems the requests aren't even getting to the DHCP server when the tunnel is pointing at the old scope.
Is there something in the NSA4500 config that I should be looking at here? Some reason it wouldn't be forwarding DHCP traffic from a new source to an old scope?
↧
↧