• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3095
  • Last Modified:

Dell SonicWall - How do I immediately terminate a connection

I have a device using a lot of bandwidth. I don't know how to identify the person since I only have an IP address, and I don't know how to get the device name from the wireless device. How I can force them off our connection immediately? Thank you!
0
Kris5454
Asked:
Kris5454
  • 8
  • 6
  • 3
1 Solution
 
bbaoIT ConsultantCommented:
which version of SonicOS are you running on the given device? what's the model name?
0
 
Kris5454Author Commented:
Dell SonicWall NSA 3600
0
 
bbaoIT ConsultantCommented:
what's the version of SonicOS?
0
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

 
Kris5454Author Commented:
Can you please tell me where to find that information?
0
 
bbaoIT ConsultantCommented:
log on the web console of your SonicWALL device, commonly the System Information is under System > Status under in the left pane.
0
 
Kris5454Author Commented:
SonicOS Enhanced 6.1.1.1-9n
SonicROM 5.4.0.13
0
 
Blue Street TechLast KnightCommented:
Hi  Kris5454,

To block a wireless device, simply go to Wireless > Status, then click the Block icon, which will automatically add an Address Object for the device's MAC address and add it to the Default ACL Deny Group.

Then all you have to do is enabled/setup MAC Filter List (Wireless > MAC Filter List, then put a checkmark next to Enable MAC Filter List). By default the Deny List: will already have selected the Default ACL Deny Group. Now you have two options under the Allow List: , either:
a) select Allow All MAC Addresses, which will do just that except for any MAC addresses found in the block list or
b) Create an Allow List Group , select it and explicitly add each MAC address you want to access the WLAN.
Let me know if you have any questions!
0
 
Kris5454Author Commented:
How do I get to the "Wireless" area? I don't see it as an option on the left side of the menu for the SonicWall.
0
 
Blue Street TechLast KnightCommented:
You provided the SonicOS version but what model is it (should be located in the same place as the SonicOS)?

Can you provide a screenshot of your left pane once logged into the SonicWALL?

Depending on your model you may not have built-in Wireless. If that is the case, get the MAC address from the DHCP Server Current Lease or ARP Cache sections and create an Access Rule to deny the MAC Address from its Zone to the WAN.
0
 
Kris5454Author Commented:
NSA 3600

DellSonic Menu
0
 
Blue Street TechLast KnightCommented:
Ok, the NSA 3600 doesn't have built-in wireless as a feature...that feature stops in models after NSA 250M.

So in this case, get the MAC address from the DHCP Server Current Lease or ARP Cache sections and create an Access Rule to deny the MAC Address from its Zone to the WAN.
0
 
Kris5454Author Commented:
I'm almost there, but how do you specify which MAC address to deny? There isn't a field to enter that data. I can pick a group of users, but not an individual address.
0
 
Blue Street TechLast KnightCommented:
To block a host from accessing the Internet you need to create an Address Object for the specific device. Setup the Address Object as follows:
Name: <any name you desire to identify it>
Zone Assignment: WLAN or whatever zone the workstation is currently connected to.
Type: MAC
MAC Address: <input the MAC address from the suspicious workstation >
Now go to Access Rules and setup a new Rules as follows:
Action: Deny or Discard (if applicable)
From: WLAN
To: WAN
Service: HTTP or whatever services you wish to block
Source: <select the Address Object we just create above.>
Destination: Any
Users: All
Schedule: Always on
Comment: whatever you want to document this rule
Logging: Checked
Allow Fragmented Packets: Checked
It is important to block this workstation by MAC address rather than IP since all they have to do is either manually change the IP or get issued a new one by the DHCP server in order to circumvent an IP Address block.

Let me know if you have any questions!
1
 
Kris5454Author Commented:
Thank you very much!
0
 
Blue Street TechLast KnightCommented:
My pleasure!
0
 
Kris5454Author Commented:
I really appreciate the detailed step by step instructions.
0
 
Blue Street TechLast KnightCommented:
No problem...that is what we're here for! I'm glad I could help and thanks for the points.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

  • 8
  • 6
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now