We help IT Professionals succeed at work.

Cert issue after installing a new firewall

We recently changed firewalls to a Sonicwall 2400. When smartphone users try to connect to our mail server they get an error. TestExchangeConnectivity.com shows the following error:

  Additional Details
  Host name mail.ourdomain.com doesn't match any name found on the server certificate CN=10.0.0.2, OU=HTTPS Management Certificate for SonicWALL (self-signed), O=HTTPS Management Certificate for SonicWALL (self-signed), L=Sunnyvale, S=California, C=US.

I don't think we had any sort of certificate on the old firewall, but can't be certain. Our mail server has the right certs.

Is there a way to get the Sonicwall out of the cert business entirely? If not, what are my options. I tried importing the certs on the mail server to the firewall, but it didn't solve the problem (though I could have done it incorrectly....)

 
Comment
Watch Question

nociSoftware Engineer
BRONZE EXPERT
Distinguished Expert 2019

Commented:
You can request a certificate using some certificate CA.
Removing the certificate would mean you manage your firewall without any password security...
nociSoftware Engineer
BRONZE EXPERT
Distinguished Expert 2019

Commented:
cacert.org is such a certificate authority.
Commented:
After contacting Sonicwall support, we learned that HTTPS management takes precedence over any other activity on that port. By disabling HTTPS mgmt on the WAN port (which wasn't a good idea to begin with, but was convenient when rolling it out) we were able to get past the error.

Author

Commented:
received help from Sonicwall support

Explore More ContentExplore courses, solutions, and other research materials related to this topic.