Solved

SonicWall Firewall rules don't seem to take effect until after I reboot the device

Posted on 2010-11-22
10
994 Views
Last Modified: 2012-05-10
We are running a SonicWall Pro 3060 with the Enhanced OS. When I create a firewall rule to block certain traffic, those connections still show as active in the connections monitor for quite a while before they drop off. It will be 30 minutes before they all disappear. Any way to make that happen without rebooting the device?
0
Comment
Question by:crdixon
10 Comments
 
LVL 33

Expert Comment

by:digitap
ID: 34193384
i've not heard of that before, but flushing the arp table would net the same as restarting the sonicwall. i'm sure this has been addressed, but have you updated the firmware?
0
 
LVL 33

Expert Comment

by:digitap
ID: 34193417
question: what kind of switch are your computers connected to? if you disconnect everything, connect your computer directly to X0, make a change to the sonicwall...does the change happen immediately?
0
 
LVL 15

Expert Comment

by:DonConsolio
ID: 34193425

Try to flush the unwanted connections in Active Connections Monitor.
0
 
LVL 15

Accepted Solution

by:
getzjd earned 100 total points
ID: 34193480
Your firewall rules, are they still set at the default values of 15 minutes or did you change them to 30? Not that it should matter because SonicWall changes should take effect immediately.
0
 
LVL 15

Assisted Solution

by:DonConsolio
DonConsolio earned 200 total points
ID: 34193565
I am no SonicWall expert, but usually (at least for the firewalls I know) new rules
only affect new connections, while existing ones remain untouched.

Terminate the already established connections (Connection Monitor) or
reboot the firewall (i.e. terminate all connections)
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 200 total points
ID: 34193630
my experience with the sonicwall is the rules take effect immediately.
0
 
LVL 15

Assisted Solution

by:DonConsolio
DonConsolio earned 200 total points
ID: 34193691
They immediately do affect new connections, but i doubt that existing ones are affected.
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 200 total points
ID: 34194131
Being uncertain myself, i loaded up a pro 3060 and ran a continuous ping to 74.125.227.50 (one of the www.google.com IPs). i then set up a rule to deny LAN > WAN from Any Source and 74.125.227.50 as the destination. as soon as i clicked OK to create the rule, my ping failed.
0
 

Author Comment

by:crdixon
ID: 34327177
I swapped this device out with an NSA240 with the security suite. The "Flush" option now appears on this box and the updated software subscription seems to have fixed all my woes.
0
 
LVL 33

Expert Comment

by:digitap
ID: 34327247
great...glad things worked out.  thanks for the points!
0
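
The behaviour debated in this thread (a new deny rule matching only new connections while established ones stay in the connection table until they idle out or are flushed) can be shown with a small model. This is an added example, not part of the original thread and not SonicWall's implementation; the class, the function names and the addresses are constructed, and the 900-second idle timeout is taken from the 15-minute default mentioned above.

```python
from dataclasses import dataclass, field

@dataclass
class StatefulFirewall:
    """Generic stateful-firewall model (assumption: rules are checked only for new flows)."""
    idle_timeout: int = 900                        # seconds (15-minute default from the thread)
    deny_dsts: set = field(default_factory=set)    # destinations blocked by rule
    conns: dict = field(default_factory=dict)      # (src, dst, dport) -> last-seen time

    def packet(self, now, src, dst, dport):
        """Return True if the packet is forwarded, False if dropped."""
        key = (src, dst, dport)
        last = self.conns.get(key)
        if last is not None and now - last <= self.idle_timeout:
            # Fast path: established flow. The rule base is NOT consulted again,
            # and traffic refreshes the idle timer, so a busy flow never expires.
            self.conns[key] = now
            return True
        self.conns.pop(key, None)                  # unknown or idled-out entry
        if dst in self.deny_dsts:                  # slow path: rule lookup for new flows
            return False
        self.conns[key] = now
        return True

    def add_deny(self, dst, flush=False):
        """Add a deny rule; optionally flush matching connection-table entries."""
        self.deny_dsts.add(dst)
        if flush:
            for key in [k for k in self.conns if k[1] == dst]:
                del self.conns[key]

def demo(flush):
    """Forwarding decisions before and after a deny rule is added at t=0."""
    fw = StatefulFirewall()
    dst = "203.0.113.10"                           # constructed documentation address
    out = [fw.packet(0, "192.168.1.20", dst, 443)]         # flow established before the rule
    fw.add_deny(dst, flush=flush)
    out.append(fw.packet(60, "192.168.1.20", dst, 443))    # same flow, after the rule
    out.append(fw.packet(61, "192.168.1.21", dst, 443))    # new flow from another host
    out.append(fw.packet(961, "192.168.1.20", dst, 443))   # first flow after 901 s idle
    return out

if __name__ == "__main__":
    print("rule only:   ", demo(flush=False))
    print("rule + flush:", demo(flush=True))
```

Without the flush, the pre-existing flow keeps passing until it has been idle longer than the timeout; with the flush, the rule applies to it on the next packet.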

Question has a verified solution.
