SonicWall Firewall rules don't seem to take effect until after I reboot the device

We are running a SonicWall Pro 3060 with the Enhanced OS. When I create a firewall rule to block certain traffic, those connections still show as active in the connections monitor for quite a while before they drop off. It will be 30 minutes before they all disappear. Any way to make that happen without rebooting the device?
crdixon Asked:
 
getzjd Commented:
Your firewall rules, are they still set at the default values of 15 minutes or did you change them to 30? Not that it should matter because SonicWall changes should take effect immediately.
0
 
digitap Commented:
i've not heard of that before, but flushing the arp table would net the same as restarting the sonicwall. i'm sure this has been addressed, but have you updated the firmware?
0
 
digitap Commented:
question: what kind of switch are your computers connected to? if you disconnect everything, connect your computer directly to X0, make a change to the sonicwall...does the change happen immediately?
0
 
DonConsolio Commented:

Try to flush the unwanted connections in Active Connections Monitor.
0
 
DonConsolio Commented:
I am no SonicWall expert, but usually (at least for the firewalls I know) new rules
only affect new connections, while existing ones remain untouched.

Terminate the already established connections (Connection Monitor) or
reboot the firewall (i.e. terminate all connections)
0
 
digitap Commented:
my experience with the sonicwall is the rules take effect immediately.
0
 
DonConsolio Commented:
They immediately do affect new connections, but i doubt that existing ones are affected.
0
 
digitap Commented:
Being uncertain myself, i loaded up a pro 3060 and ran a continuous ping to 74.125.227.50 (one of the www.google.com IPs). i then set up a rule to deny LAN > WAN from Any Source and 74.125.227.50 as the destination. as soon as i clicked OK to create the rule, my ping failed.
0
 
crdixon Author Commented:
I swapped this device out with an NSA240 with the security suite. The "Flush" option now appears on this box and the updated software subscription seems to have fixed all my woes.
0
 
digitap Commented:
great...glad things worked out.  thanks for the points!
0
Question has a verified solution.
