Solved

Sonicwall TZ205 - Question about Connection Monitor - How to Identify Access Rules

Posted on 2013-10-27
3
726 Views
Last Modified: 2013-12-02
Hi Peeps,
Ive started supporting a TZ205 running SonicOS Enhanced 5.8.1.8-37o

This FW has lots of custom Access Rules and I need to clean them up.  

Is there any way to see which connections map to which Firewall Access Rule?

(apart from comparing 'connection monitor' results with each zone to zone access rules manually)

Many thanks
Tom
0
Comment
Question by:TreadStone_IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 25

Assisted Solution

by:Diverse IT
Diverse IT earned 500 total points
ID: 39604594
Hi Tom,

If you hover over the Access Rules on the far right icon (Statistics) it will show you how many connections and by that you can determine if they are active or not.
0
 

Author Comment

by:TreadStone_IT
ID: 39604678
Thanks for the reply and info diverseit.    

I did find that feature has been really useful up to now.  In the case of lots of rules though, I was looking for, hoping there may be something more concrete in the diagnostics\packet capture area of the FW.

Cheers
Tom
0
 
LVL 25

Accepted Solution

by:
Diverse IT earned 500 total points
ID: 39604759
Are these Access Rules WAN > LAN or LAN > WAN?

Try Systems > Diagnostics then select the Connections Monitor. From there you can filter the connections you want to look at and also view all the current connections under the Active Connections Monitor.

Also, Systems > Packet Monitor if you need an actual packet monitor.

You probably already know this but I'd recommend disabling the Access Rules instead of just deleting them. I'd give it some time to see if any issues pop up.
Let me know how it goes!

P.S. is Threadstone in homage to the Bourne series by chance?
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Opening Ports for Specific LAN IP Address on Juniper SRX240 3 47
IP range 6 59
Certification Follow-up 2 58
Bandwidth Hugers how to find them 9 45
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question