• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 415
  • Last Modified:

access issue with settings change on Sonic firewall

Hi - We've been having an issue lately where our office internet connection at times becomes painfully slow, almost to the point of stopping. Typically our speeds are 60/down - 15 up. When these "events" occur, our speeds go to 4/down and .5/up, and this optimum cable. The firewall we have is a Sonicwall TZ-100 -  I have limited knowledge on firewalls, but someone asked me if IPS was activated, and it wasnt. I activated it, and am using the 30 day trial right now. When attempting to configure it, I basically kept all of the policies at the default setting, which was to basically block/detect EVERYTHING. I'm now noticing a few things are not functioning correctly. Most importantly, I'm unable to access any of the companies computers remotely via LogMeIn. All computers are showing as offline. I've attached the list of the policies that are set to be blocked, but I cant figure out which policy needs to be opened up so all PCs/server are accessible via logmein.
ips.jpg
0
hodgem
Asked:
hodgem
  • 3
  • 3
1 Solution
 
hodgemAuthor Commented:
PS - I did open up the "REMOTE ACCESS" to allow that :) but still cant access remotely.
0
 
Blue Street TechLast KnightsCommented:
Hi hodgem,

When attempting to configure it, I basically kept all of the policies at the default setting, which was to basically block/detect EVERYTHING.
The default policy is actually not enabled...you have to enable it and configure what to detect and block. I'd recommend setting it up as such:
High Priority Attacks          Block/Detect
Medium Priority Attacks    Block/Detect
Low Priority Attacks           Detect (Removing Blocking of Low Attacks should do it)
That list you attached is in App Control and again by default it is not enabled...you have to enable it and configure it.

With App Control configuring it is a process because there are many facets and many threads not entirely obvious by which enabling to block can have undesirable consequences. The process is to test as many business functions as possible (starting with the core working to supplemental) to see what is being blocked and what is not. You can see this activity in the Logs. Make sure to enable all Categories for the logging and set the logging to Debug.

Under Remote Access you can set LogMeIn = Disable/Enable so that it is being logged but not blocked. That should do it unless you have SSL Control enabled too. In which case you will need to add logmein.com to the whitelist.

Make sense?
0
 
hodgemAuthor Commented:
yes, thank you! Things seemed to have calmed down.
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
Blue Street TechLast KnightsCommented:
Your welcome! I'm glad I could help and thanks for the points!
0
 
hodgemAuthor Commented:
Hi - sorry, need to open ask another question.
@diverseit, you were very helpful last time, should I create a new question?
0
 
Blue Street TechLast KnightsCommented:
Yes, by all means since this has already been closed open up a new question and I will keep my eye out for it!
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now