Solved

Sonicwall content filter, users keep getting default policy

Posted on 2016-10-18
7
25 Views
Last Modified: 2016-11-22
Hi
 We are using a Dell Sonicwall NSA 4600 on Firmware  SonicOS Enhanced 6.2.6.0-20n, we use the content filtering module on it to restrict users website access , using SSO and LDAP to AD.
 Through out the day users will randomly lose their internet policy and get the default policy blocking majority of websites. I have found by locking and unlocking the PC it restablishes the policy and they can continue in the majority of scenarios to browse the internet again.

 I have disabled AV (SEP) and it still happens, all users are on Windows 7.

Any help would be appreciated!

Thanks
0
Comment
Question by:adviceplease
  • 4
  • 3
7 Comments
 
LVL 23

Expert Comment

by:masnrock
ID: 41849028
Have you checked the power management settings on the network cards?

Another way you could try doing the policies is by MAC address and IP. However, this also assumes that users are not sharing machines...
0
 

Author Comment

by:adviceplease
ID: 41850243
No its not power management settings as the users are using other applications at the time

MAC address /IP is not an option due to the size of the estate

thanks
0
 
LVL 23

Expert Comment

by:masnrock
ID: 41850379
Do multiple users share machines? SSO doesn't work well with switching users. You'd have to make sure each user signs off, and the new user signs in.

You may also want to look at excluding service accounts, as even Sonicwall has admitted it's caused issues for them:
https://support.software.dell.com/kb/sw5589
0
Will my email signature work in Office 365?

You've built an email signature using raw HTML code in Office 365, but you can't review how it looks with Transport Rules. So you have to test it over and over again before it can be used. Isn't this a bit of a waste of your time? Wouldn't a WYSIWYG editor make it a lot easier?

 

Author Comment

by:adviceplease
ID: 41857059
the users effected aren't using multiple machines. all have HP laptops

is random but happens to a lot of people throughout the day,everyday

if these users lock their machines and unlock using their domain credentials again , it works

very frustrating!
0
 
LVL 23

Expert Comment

by:masnrock
ID: 41867445
Just noticed your last post. However, I'd suggest that you check to see if there is a communication issue between SSO agent and the server. That seems to be the most likely cause.

However, at this rate, if you still have the support, I'd contact the support engineers at Sonicwall.
0
 

Accepted Solution

by:
adviceplease earned 0 total points
ID: 41868586
Hi All
 Several issues here that i have now resolved and all working.

If the Domain User Profile has been copied from another Domain user when originally created , Sonicwall policies don't like the profile deleted the profile and changed the name slighly, no further issues

for the majority of the other users the fix was :

- make probe to WMI first on the SonicWALL and also on SSO agent.

- To Make WMI probing first goto Firewall users -> Settings -> sso agent -> configure -> users tab -> Probe users for select WMI and hit apply/ok.

so needs changing on both SSO agent (might be a dedicated server or on your DC's) and the actual Sonicwall

in some cases it can be firewall on the endpoints, you need to make sure TCP/UDP 1726,135,445 and 139 on windows firewall and Client AV on all machines aren't blocked
0
 

Author Closing Comment

by:adviceplease
ID: 41876003
found out for myself........
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now