Solved

Firewall rule problems

Posted on 2013-01-17
4
405 Views
Last Modified: 2013-01-28
We have a Sonicwall NSA 2400...  We were making some tweaks to our Firewall rules and accidentally deleted a WAN->LAN rule and now some of our websites won't connect.  For example my Dropbox service won't connect, https won't connect, and the internet has slowed down a bit.  

Within the logs it looks like it's now dropping connection to Dropbox servers and listing it as Intrusion Prevention.  ALso, we use a website for our Accounting and now that site will not connect over and https connection.  Any ideas on how to get this rule set back up without letting the world in?
0
Comment
Question by:Vontech615
  • 3
4 Comments
 
LVL 9

Expert Comment

by:Sandeep Gupta
Comment Utility
do you write the changes in FW?

if not then reload in once
0
 
LVL 1

Author Comment

by:Vontech615
Comment Utility
Well, the deletion was made within the GUI to CLI so I'm assuming it was written to.
0
 
LVL 1

Accepted Solution

by:
Vontech615 earned 0 total points
Comment Utility
We tracked down a problem.  There were 3 rules related to http,https, & ICMP that were deleted.
 
The rule structure were as follows:

1. DMZ->LAN --- allow:  http, https, ICMP
2.WAN->LAN --- allow:  http, https, ICMP
3.WAN->DMZ --- allow:  http, https, ICMP
0
 
LVL 1

Author Closing Comment

by:Vontech615
Comment Utility
I was able to solve this problem myself.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now