Hardware Firewalls

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.


Using a Cisco ASA 5555 with the AnyConnect SSL client and split-tunneling enabled, how do I force an inside tunneled route to a FQDN so that the AnyConnect client tunnels through the ASA and presents the egress IP of the ASA to the destination? I've read conflicting results when adding a FQDN to an ACL as a secured route. It would be easier if the host had a single static IP address, but it's behind an AWS load balancer so the IPs change. Am I even making sense? On a scale of 1-10 representing my knowledge of ASAs (where 1 = WTF is an ASA, 10 = I configure ASAs in my sleep) I'd say I'm at about a 4.
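For the changing-address case in this question, a split-tunnel network list is pushed to the client as address prefixes, so it cannot follow a name whose A records rotate behind a load balancer. The feature built for that is dynamic split tunneling, where the AnyConnect client watches its own DNS answers for the listed domains and tunnels whatever addresses come back. The configuration below is an added illustration, not part of the post and not taken from Cisco's documentation; the policy and object names, the example.com domains and the 10.0.0.0/8 inside network are placeholders:

```cisco
! Added example (not from the post): dynamic split-include tunneling on an
! ASA with AnyConnect. Domains listed here are tunneled in addition to the
! static split-tunnel list, so the destination sees the ASA's egress IP.
! GP_SPLIT, SPLIT_ACL, aws-hosted and the example.com names are hypothetical.
!
! Static split-tunnel list: inside prefixes that always go through the tunnel.
access-list SPLIT_ACL standard permit 10.0.0.0 255.0.0.0
!
! 1. Declare the custom attribute type once under webvpn.
webvpn
 anyconnect-custom-attr dynamic-split-include-domains description Tunnel these FQDNs
!
! 2. A named value carrying the comma-separated domains to include. The
!    client matches these against the names in its own DNS replies, so the
!    resolved address can change without touching the ASA.
anyconnect-custom-data dynamic-split-include-domains aws-hosted app.example.com,api.example.com
!
! 3. Attach the static list and the dynamic inclusions to the group policy
!    that the tunnel-group hands out.
group-policy GP_SPLIT internal
group-policy GP_SPLIT attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT_ACL
 anyconnect-custom dynamic-split-include-domains value aws-hosted
```

Verify with `show running-config webvpn` and `show running-config group-policy GP_SPLIT` on the ASA, and on the client with the route details in the AnyConnect statistics window, which list the dynamic inclusions once the domain has been resolved. Two caveats: the destination only sees the ASA's outside address if the ASA also translates the VPN pool behind its outside interface (the same U-turn NAT used for tunnel-all Internet access), and dynamic split tunneling depends on the ASA and AnyConnect versions in use, so confirm support in the release notes for the platform before relying on it.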

Good day,

I have been having inconsistent issues with SonicWall SSO. I have multiple VLANs and hence am implementing multiple domains for LDAP user authentication.

It has been functional, and all of a sudden the secondary domains are unable to authenticate. If I isolate their independent domain as the primary, they function. I have my trust relationships configured and can access via FQDN. I have disabled the firewall on each of my domain controllers to see if that may be the problem. I have also enabled the probing under the settings menu.

Can someone please guide me as to what may be the problem?

Dear experts,

I have a Windows 2012 R2 server running DNS, DHCP, and AD DS, and a SonicWall firewall. For some reason my DNS server is not working. When I look at my network connection from Windows 7, I can see that the IPv4 Default Gateway is, the IPv4 DHCP server is on, but the IPv4 DNS server is on 68.x.x.x. It is not pointing to my DNS, which should be the same as the DHCP server. (I am not sure what went wrong, as in whether there is a misconfiguration in the SonicWall firewall/router or the DNS server at

I can see my client PC is not talking to the local DNS server but instead to 68.x.x.x, my ISP. Is there a way to configure it to ensure my client PC will ask my local DNS first and, if no information can be found, then forward to the DNS of my ISP and so forth? I have set my TCP/IPv4 to Obtain an IP address automatically and Obtain DNS server address automatically. Is there a way to obtain the IP and DNS server automatically rather than setting those to static?
Two Firewalls in series, SonicWall on WAN side and ASUS behind the SonicWall.
I have the above setup, where the SonicWall provides a LAN address of 192.168.168.XXX to an ASUS firewall that provides my actual devices (PCs etc.) with a 10.0.0.XXX LAN.
All works just the way I need and want it to; please do not offer any config changes.
QUESTION: Since the 10.xxxxx LAN is essentially a translated 192.xxxxx address, can anyone tell me how to configure my SonicWall Packet Capture screen to see the translated PC IPs?
Note: I only see 192.168.x.x in a Global Packet Capture and suspect that it may be that the ASUS knows that it is translating to  but I am not yet convinced.
We have a request to control wireless clients user-based (not IP-based) using Fortinet. Below is the scenario.
We have an IMC RADIUS server. IMC is integrated with AD. I configured IMC in Fortinet for authentication.
I can see all wired users' info logged in Fortinet, but not wireless users.

How can I achieve this?

Old SonicWall box, site works fine.
New SonicWall box, site returns error.
"No connection could be made because the target machine actively refused it. xxx.xxx.xxx.210:60004"
Put Old SonicWall back, site works fine.

I've compared firewall settings several times, but there is an age difference, so the old and new do not exactly match.
Log does not flag anything.
Packet monitor log attached (filtered for port 60004). It looks like 60004 is moving, but I'm not a Packet Monitor professional.
aaa.aaa.aaa.208 = External site
xxx.xxx.xxx.210 = SonicWall box
zzz.zzz.zzz.103 = Internal server
I have an existing installation of Dell NetExtender on my home computer and need to know how to change the DNS setting.

dns settings
Can I use this chart to calculate the current bandwidth utilization in the office? I want to look at what bandwidth utilization I have now and estimate its max growth based on new headcount / office expansion.

This is from the Palo Alto firewall in the Network Monitor option. The only thing is it's in bytes. So it shows 1,200,000M bytes. Not sure how to translate that into Gigabit.
Network monitor in Palo fw
Please advise.
Looking for a cost-effective appliance-based VPN solution (preferably clientless) for small business.

We have a number of small clients for which we have been using the Netgear FVS-336s with a lot of success, but they are no longer supporting it.
Some users remain on as much as 8-10 hours per day.

We're using a SonicWall TZ-215 firewall. Our LAN X0 port is set up as—254, with set up as the gateway, as the subnet.

We're getting VoIP phones, and the vendor is setting them up with static addresses between—200, subnet  How do I configure the SonicWall to get the phones to access the gateway? (X3—X6 interfaces are unused on the SonicWall, if needed for the solution.)

We are having an issue with mobile users not receiving emails that have attachments when working from home on Wi-Fi. Emails without attachments are received without issue.

When users return to the office and connect to a wired network connection, all emails are received (including the ones with attachments that did not come in the day before when working from home on Wi-Fi).

The users are connected to the office network through the SonicWall Global VPN Client to access files and folders on servers, but email is hosted using Office 365 Business Essentials, email only. VPN is not required for them to access email. Outlook 2010 and 2013 on users' laptops.

Any help is appreciated.

What's the best way to check the current bandwidth utilization in the office? We have Internet -> PAN fw -> Juniper switches -> users. Is it something built into those devices to check that, or install some app on top of that, or...?
I want to look at what bandwidth utilization I have now and estimate its max growth based on new headcount / office expansion.
I use the SonicWall Global VPN Client to connect to our network and I also use triCerat ScrewDrivers software for remote printing. This has always worked for every computer except the one I will describe. At another remote office we installed a Toshiba printer/copier and I installed the ScrewDrivers software and told it to spool the default printer. After the VPN is established I log in to the terminal server and I can see the local printer there to print to, just like all the other computers at other offices I have set this up at. When I click print, the printer immediately goes offline and the user has to reboot the computer to get it online. The user CAN print from their computer to the printer, but not when the VPN is connected and they are logged into the RDS server. Seems like a ScrewDrivers problem and not a VPN or RDS issue. I don't have another printer in the office there to test if it is the printer. FYI, all these computers are not on a domain; they are in a Windows 7 Pro homegroup.
Currently we have TMG as web proxy and Websense as web filtering.
We are going to replace TMG with a Bluecoat SG appliance.

Hence I need to know which design is considered best in terms of security and efficiency.

We have 1500 users.

Any help would be appreciated.
What are some basic steps I could take to ensure our network is secure from outside intrusion? We have a SonicWall and Sophos Antivirus, but what other things can I do to make our network less apt to be attacked? What holes can I test and plug?

What's the best way to check/pull the config from a Sophos XG210 firewall?
Hi Experts,

We currently have inherited a Cisco 891F router/firewall that we need to allow a certain group of inbound IPs over SMTP (port 25) into our mail server.  The router is currently configured for allowing the existing spam filter service to a certain IP range through an object group and is currently functional.

object-group network Spam-Filtering
 description Spam-Filtering

The object-group is referenced later in the config under the following command for allowing through the WAN IP address.

permit tcp object-group Spam-Filtering host 71.xx.xx.179 eq smtp

Trying to use the existing configured object group, I've tried adding the following command (in config mode), followed by each IP address that needed to be added to the group, and running 'show run' to confirm the host addresses have been added to the object-group.

object-group network Spam-Filtering

However, traffic was still not coming through from our spam filter provider. Eventually, I ended up trying to allow all inbound IPs to pass through with the following command, but was still unable to get traffic to come through to our mail server. I attempted to use 'telnet 71.xx.xx.179 25' to test but would not get a response externally.

permit tcp any host 71.xx.xx.179 eq smtp

Are there any steps or commands I may be applying incorrectly to allow the external IPs to pass through the router?    …
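Nothing in the excerpt above is visibly wrong, so the useful next step is to confirm that each of the three pieces an inbound port-25 allow depends on (object group, ACL applied inbound on the WAN interface, static NAT to the mail server) is present and actually in effect. The following is an added reference configuration, not the poster's router, with hypothetical addresses (198.51.100.25 for the router's public address, 192.168.10.25 for the mail server, 203.0.113.0/24 for the provider's range) and hypothetical interface and ACL names, together with the show commands that verify each piece:

```cisco
! Added example (not the poster's config). All names and addresses below
! are placeholders: GigabitEthernet8 = WAN, GigabitEthernet0 = LAN,
! 198.51.100.25 = public IP, 192.168.10.25 = mail server,
! 203.0.113.0/24 and 203.0.113.10 = spam-filter provider.
!
! 1. Object group: single hosts use "host", ranges use network + mask.
object-group network Spam-Filtering
 description Spam-Filtering
 host 203.0.113.10
 203.0.113.0 255.255.255.0
!
! 2. Inbound ACL on the WAN interface. On IOS the inbound ACL is evaluated
!    before outside-to-inside NAT, so it must match the PUBLIC address
!    (as the poster's line already does). Entry order matters: a broader
!    deny above this line wins silently.
ip access-list extended OUTSIDE_IN
 permit tcp object-group Spam-Filtering host 198.51.100.25 eq smtp
!
! 3. Static port forward from the public address to the mail server.
ip nat inside source static tcp 192.168.10.25 25 198.51.100.25 25 extendable
!
! 4. Both the NAT roles and the ACL have to be bound to interfaces.
interface GigabitEthernet0
 ip nat inside
interface GigabitEthernet8
 ip nat outside
 ip access-group OUTSIDE_IN in
!
! Verification (exec mode), each line answering one question:
!   show ip access-lists OUTSIDE_IN                     -> did the packet hit the
!                                                          permit? (match counters)
!   show ip interface GigabitEthernet8 | include access -> is the ACL applied inbound?
!   show ip nat translations | include :25              -> is the port map active?
!   show ip nat statistics                              -> inside/outside interfaces set?
```

Two things the symptoms point at beyond the ACL itself. If the 891F also runs a zone-based firewall, the outside-to-inside zone-pair policy has to inspect or pass SMTP as well; `show zone-pair security` and `show policy-map type inspect zone-pair` show what is applied. And if `permit tcp any host ... eq smtp` still gives no response from outside, the block is somewhere other than the ACL: the NAT rule, an upstream ISP filter on port 25, or the mail server's own host firewall. The match counters on `show ip access-lists` settle whether the packet reached the rule at all before you look further in.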
A client has a VoIP phone system and a Comcast gateway. On the gateway, one cannot turn off SIP ALG, which makes the VoIP calls inconsistent. They have an unmanaged switch now that cannot be programmed to remove the SIP ALG disturbance. What I need is a 24-port gigabit switch that can be programmed to remove this SIP ALG setting and produce VLANs to segment the phone and other traffic.

I'm wondering, budget-wise, whether the Netgear JGS524E would allow me to turn off SIP ALG as well as create the necessary VLANs. If not, can you recommend one?
I currently manage a network with 40 end users, a few printers, a DC, a few NAS's, etc...

My network consists of a TZ300 SonicWall, 2 unmanaged Cisco switches, and a NetGear Nighthawk X6 Wireless Router. We currently have a 100Mbps business class fiber line coming into the building. The SonicWall has content filter, IPS, Gateway Antivirus, Geo-IP, and Botnet security services enabled.

My LAN is 10.50.2x1.x and the WiFi router is configured with a 10.50.2x2.x management interface. When I run a speedtest (www.speedtest.net) on a computer on the 10.50.2x1.x network I only get about 24-27Mbps download speeds. When I run the same test from my cell phone, which is on the WiFi, I get up to 91Mbps download speeds. I don't understand why the two speeds are so different. If anything I would like to get faster speeds on the machines that are on the 10.50.2x1.x LAN. Also, the Nighthawk WiFi router is connected to the same unmanaged switch the rest of the computers are on.

Any help is appreciated. Thank you.

I have two servers, one on DMZ and the other inside our domain.

The server on DMZ is our webserver while the server inside our domain is database server.

Let's call the database server inside our domain server2.

Webserver on DMZ is server1.

We set firewall rule on Server1 so our apps can access the database on server2.

Is there a simpler way to check the firewall rule set to allow access to server2?

Thanks in advance
Increase/Decrease MTU

I would like to know when we should manually increase or decrease the MTU.
I have seen some examples where there is an extra header, for instance when using PPPoE, and they decrease the MTU.

Any clarification will be very much appreciated

Thank you
VPN site-to-site considerations. Remote office users need to access two different data centers and the main office, so at least three different IP addresses. In addition, they also need to access their own machine back in the remote office when working from home. There are two remote offices (15-20 users each) and the one main HQ office.

Would it be better to design with one single VPN concentrator hub, or build individual tunnels from every office to every data center and remote location? I'm leaning towards the 'one hub' VPN concentrator with different profiles directing to remote offices.
I need to hear pros, cons, and drawbacks for each. Thanks guys!!
I have been doing some research into setting up redundant ISPs on the PANs (Palo Alto firewalls), and it seems that if we don't want to run BGP for that site, the best alternative seems to be PBF.  Am I on the right track with that?  Are there other alternatives?
I am trying to configure an ASA 5525 for client IPsec VPN. I am unable to ping the inside interface or access the internet when connected to the VPN.
Attached is my config. Can someone take a look and tell me what I am missing?
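The attached config is not on this page, so nothing can be checked directly, but the two symptoms described (no reply from the inside interface, no Internet while connected) map to a short list of ASA settings that are commonly missing for remote-access VPN. The fragment below is an added example in ASA 8.3+ NAT syntax, not the poster's configuration; the inside network 10.10.0.0/16, the pool 172.16.50.0/24, the interface and policy names are all assumptions:

```cisco
! Added example (not the poster's config). Assumed: inside network
! 10.10.0.0/16, VPN address pool 172.16.50.0/24, interfaces named "inside"
! and "outside", group policy GP_RA.
!
object network INSIDE_NETS
 subnet 10.10.0.0 255.255.0.0
object network VPN_POOL
 subnet 172.16.50.0 255.255.255.0
ip local pool VPN_POOL_IPS 172.16.50.1-172.16.50.254 mask 255.255.255.0
!
! 1. NAT exemption (identity NAT) so inside<->VPN traffic is left untranslated.
!    Placed at line 1 of section 1 so a later dynamic PAT rule cannot catch it;
!    a PAT rule matching first is the classic reason VPN clients get no replies.
nat (inside,outside) 1 source static INSIDE_NETS INSIDE_NETS destination static VPN_POOL VPN_POOL no-proxy-arp route-lookup
!
! 2. Reaching the inside interface itself (ping, SSH, ASDM) from across the
!    tunnel is off by default; this enables it.
management-access inside
!
! 3. Tunnel-all Internet access means client traffic enters and leaves the
!    outside interface: permit the U-turn and PAT the pool to the outside IP.
same-security-traffic permit intra-interface
nat (outside,outside) source dynamic VPN_POOL interface
!
! 4. Alternatively, split-tunnel only the inside networks; then the client
!    reaches the Internet locally and step 3 is not needed.
access-list SPLIT_ACL standard permit 10.10.0.0 255.255.0.0
group-policy GP_RA internal
group-policy GP_RA attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT_ACL
!
! Checks:
!   show nat detail          -> identity rule listed first, with translate_hits
!   show vpn-sessiondb       -> client assigned an address from the pool
!   packet-tracer input outside icmp 172.16.50.10 8 0 10.10.1.5 detailed
!                            -> the NAT phase should show the identity rule,
!                               not a dynamic PAT rule
```

The order of the NAT rules is what most often goes wrong: `show nat` prints the rules in evaluation order, and if a `nat (inside,outside) source dynamic any interface` style rule appears above the exemption, inside hosts answer the VPN client from the outside address and the reply never matches the client's session. Apply step 3 or step 4, not both, depending on whether the policy is tunnel-all or split-tunnel.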
Inherited a new client with a Sophos appliance. The UTM 9 so far seems to be a great device. That being said, I am trying to turn off filtering for a specific endpoint. Even though it is in the "allow access" list, when I am on that endpoint I still get redirected to a webpage hosted on the appliance that is expecting some sort of authentication. Are there good tutorials on how to manage Sophos?
