Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

SonicWall Firewall rules don't seem to take affect until after i reboot the device

Posted on 2010-11-22
10
Medium Priority
?
1,141 Views
Last Modified: 2012-05-10
We are running a SonicWall Pro 3060 with the Enhanced OS. When I create a firewall rule to block certain traffic, those connections still show as active in the connections monitor for quite a while before they drop off. It will be 30 minutes before they all disappear. Any way to make that happen without rebooting the device?
0
Comment
Question by:crdixon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 33

Expert Comment

by:digitap
ID: 34193384
i've not heard of that before, but flushing the arp table would net the same as restarting the sonicwall.  i'm sure this has been adressed, but have you updated the firmware?
0
 
LVL 33

Expert Comment

by:digitap
ID: 34193417
question: what kind of swith are your computers connected to?  if you disconnect everything, connect your  computer directly to X0, make a change to the sonicwall...does the change happen immediately?
0
 
LVL 15

Expert Comment

by:DonConsolio
ID: 34193425

Try to flush the unwanted connections in Active Connections Monitor.
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 
LVL 15

Accepted Solution

by:
getzjd earned 400 total points
ID: 34193480
Your firewall rules, are they still set at the default values of 15 minutes or did you change them to 30?  Not that should matter because SonicWall changes should take effect immediately.
0
 
LVL 15

Assisted Solution

by:DonConsolio
DonConsolio earned 800 total points
ID: 34193565
I am no Sonicewall expert, but usually (at least for the firewalls i know) new rules
only affect new connections, while existing ones remain untouched.

Terminate the already established connections (Connection Monitor) or
reboot the firewall (i.e. terminate all connections)
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 800 total points
ID: 34193630
my experience with the sonicwall is the rules take afeect immediately.
0
 
LVL 15

Assisted Solution

by:DonConsolio
DonConsolio earned 800 total points
ID: 34193691
They immediately do affect new connections, but i doubt that existing ones are affected.
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 800 total points
ID: 34194131
Being uncertain myself, i loaded up a pro 3060 and ran a continuous ping to 74.125.227.50 (one of the www.google.com IPs).  i then setup a rule to deny LAN > WAN from Any Source and 74.125.227.50 as the destination.  as soon as i clicked OK to create the rule, my ping failed.
0
 

Author Comment

by:crdixon
ID: 34327177
I swapped this deviced out with an NSA240 with the secuity suite. The "Flush" option now appears on this box and the updated software subscrition seems to have fixed all my woes.
0
 
LVL 33

Expert Comment

by:digitap
ID: 34327247
great...glad things worked out.  thanks for the points!
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question