Solved

access issue with settings change on Sonic firewall

Posted on 2013-12-04
6
370 Views
Last Modified: 2013-12-17
Hi - We've been having an issue lately where our office internet connection at times becomes painfully slow, almost to the point of stopping. Typically our speeds are 60/down - 15 up. When these "events" occur, our speeds go to 4/down and .5/up, and this optimum cable. The firewall we have is a Sonicwall TZ-100 -  I have limited knowledge on firewalls, but someone asked me if IPS was activated, and it wasnt. I activated it, and am using the 30 day trial right now. When attempting to configure it, I basically kept all of the policies at the default setting, which was to basically block/detect EVERYTHING. I'm now noticing a few things are not functioning correctly. Most importantly, I'm unable to access any of the companies computers remotely via LogMeIn. All computers are showing as offline. I've attached the list of the policies that are set to be blocked, but I cant figure out which policy needs to be opened up so all PCs/server are accessible via logmein.
ips.jpg
0
Comment
Question by:hodgem
  • 3
  • 3
6 Comments
 

Author Comment

by:hodgem
ID: 39696354
PS - I did open up the "REMOTE ACCESS" to allow that :) but still cant access remotely.
0
 
LVL 25

Accepted Solution

by:
Diverse IT earned 500 total points
ID: 39697171
Hi hodgem,

When attempting to configure it, I basically kept all of the policies at the default setting, which was to basically block/detect EVERYTHING.
The default policy is actually not enabled...you have to enable it and configure what to detect and block. I'd recommend setting it up as such:
High Priority Attacks          Block/Detect
Medium Priority Attacks    Block/Detect
Low Priority Attacks           Detect (Removing Blocking of Low Attacks should do it)
That list you attached is in App Control and again by default it is not enabled...you have to enable it and configure it.

With App Control configuring it is a process because there are many facets and many threads not entirely obvious by which enabling to block can have undesirable consequences. The process is to test as many business functions as possible (starting with the core working to supplemental) to see what is being blocked and what is not. You can see this activity in the Logs. Make sure to enable all Categories for the logging and set the logging to Debug.

Under Remote Access you can set LogMeIn = Disable/Enable so that it is being logged but not blocked. That should do it unless you have SSL Control enabled too. In which case you will need to add logmein.com to the whitelist.

Make sense?
0
 

Author Comment

by:hodgem
ID: 39705172
yes, thank you! Things seemed to have calmed down.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 25

Expert Comment

by:Diverse IT
ID: 39705176
Your welcome! I'm glad I could help and thanks for the points!
0
 

Author Comment

by:hodgem
ID: 39725107
Hi - sorry, need to open ask another question.
@diverseit, you were very helpful last time, should I create a new question?
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 39725217
Yes, by all means since this has already been closed open up a new question and I will keep my eye out for it!
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question