Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

access issue with settings change on Sonic firewall

Posted on 2013-12-04
6
Medium Priority
?
395 Views
Last Modified: 2013-12-17
Hi - We've been having an issue lately where our office internet connection at times becomes painfully slow, almost to the point of stopping. Typically our speeds are 60/down - 15 up. When these "events" occur, our speeds go to 4/down and .5/up, and this optimum cable. The firewall we have is a Sonicwall TZ-100 -  I have limited knowledge on firewalls, but someone asked me if IPS was activated, and it wasnt. I activated it, and am using the 30 day trial right now. When attempting to configure it, I basically kept all of the policies at the default setting, which was to basically block/detect EVERYTHING. I'm now noticing a few things are not functioning correctly. Most importantly, I'm unable to access any of the companies computers remotely via LogMeIn. All computers are showing as offline. I've attached the list of the policies that are set to be blocked, but I cant figure out which policy needs to be opened up so all PCs/server are accessible via logmein.
ips.jpg
0
Comment
Question by:hodgem
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 

Author Comment

by:hodgem
ID: 39696354
PS - I did open up the "REMOTE ACCESS" to allow that :) but still cant access remotely.
0
 
LVL 26

Accepted Solution

by:
Blue Street Tech earned 2000 total points
ID: 39697171
Hi hodgem,

When attempting to configure it, I basically kept all of the policies at the default setting, which was to basically block/detect EVERYTHING.
The default policy is actually not enabled...you have to enable it and configure what to detect and block. I'd recommend setting it up as such:
High Priority Attacks          Block/Detect
Medium Priority Attacks    Block/Detect
Low Priority Attacks           Detect (Removing Blocking of Low Attacks should do it)
That list you attached is in App Control and again by default it is not enabled...you have to enable it and configure it.

With App Control configuring it is a process because there are many facets and many threads not entirely obvious by which enabling to block can have undesirable consequences. The process is to test as many business functions as possible (starting with the core working to supplemental) to see what is being blocked and what is not. You can see this activity in the Logs. Make sure to enable all Categories for the logging and set the logging to Debug.

Under Remote Access you can set LogMeIn = Disable/Enable so that it is being logged but not blocked. That should do it unless you have SSL Control enabled too. In which case you will need to add logmein.com to the whitelist.

Make sense?
0
 

Author Comment

by:hodgem
ID: 39705172
yes, thank you! Things seemed to have calmed down.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 26

Expert Comment

by:Blue Street Tech
ID: 39705176
Your welcome! I'm glad I could help and thanks for the points!
0
 

Author Comment

by:hodgem
ID: 39725107
Hi - sorry, need to open ask another question.
@diverseit, you were very helpful last time, should I create a new question?
0
 
LVL 26

Expert Comment

by:Blue Street Tech
ID: 39725217
Yes, by all means since this has already been closed open up a new question and I will keep my eye out for it!
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question