Login

u/greenstarthree

▲ 6 r/sonicwall

NetExtender 10.3.5 released - introduces DTLS - is it enabled by default?

The release notes mention that NX 10.3.5 adds DTLS support for improved latency especially in time sensitive applications.

I don’t see any additional settings in the NetExtender client GUI, and don’t remember anything in the last firewall firmware release about DTLS.

Should we assume DTLS is on by default in 10.3.5?

Does it require a specific firmware version on the firewall?

Does it need to be enabled at install of NX 10.3.5 by command line switches perhaps?

Hoping perhaps the SonicWall rep who often posts here can clarify as struggling to find more info than what is in the release notes at the moment.

EDIT - Also while we’re here:

NetExtender 10.3.5 force disconnects sessions after the “Inactivity Timeout” setting configured in the firewall, regardless of whether the session is inactive or active.

Watched this happen in real time - our Inactivity Timeout setting is set to 90 minutes. Had a user connected actively working, as soon as their session time hit 90, they were disconnected.

Can only assume NX 10.3.5 is not communicating activity properly to the firewall and so the firewall thinks sessions are constantly inactive.

Another NX release, another bug!

Thanks!

reddit.com
u/greenstarthree — 4 days ago
▲ 14 r/Intune+1 crossposts

Does enabling Hotpatch updates mean you only get quality updates quarterly?

Hi all,

Just one point about Hotpatch I'm struggling to wrap my head around...

Based on the release schedule shown in Microsoft's docs:

Hotpatch updates | Microsoft Learn

It essentially says we get a Baseline Update in Jan / April / July / Oct, with a Hotpatch Update in the months between those.

From this are we right in understanding that during Hotpatch months, we only receive security updates, not any enhancements / new features? I believe that's what negates the need for a restart.

This is good, but isn't the effect of this that if we are using Hotpatch today, we got our last Baseline update in April, and so we will only get security updates in May and June, having to wait for July's Baseline update for any enhancements / features?

I guess what I'm asking is, if we opted out of Hotpatch, would we effectively receive a baseline update every month, and thus get enhancements / features faster, with the caveat of having to reboot every month?

Or, is this just Microsoft's new update schedule, and they're only releasing enhancements / features quarterly regardless of whether we're opted into Hotpatch or not?

u/greenstarthree — 7 days ago
▲ 4 r/sysadmin

Access to website (UK) from China

Hi All,
In all my years, this is something I’ve never hit up against so looking for some general guidance.

Recently migrated a website to new hosting provider.
Since doing so, access to the website from China is not working.

Hosting provider confirmed no geo blocking in place.

Can ping and tracert to the website IP address from China IPs, but unable to access the site over HTTPS.

Colleagues in China suggest it must be the China government firewall, which it certainly seems to be. Guess we were lucky that the previous hosting IP wasn’t blocked.

What approaches are available to address this? They’ve suggested reverse proxy in Hong Kong, but not sure of the technical (or legal) implications of something like that.

Thanks!

reddit.com
u/greenstarthree — 9 days ago