r/sonicwall

What the actual F is going on with SonicWall

I have a SonicWall that was damaged from a Comcast modem that apparently had a lightning strike to it on Monday. Covered under warranty. Guess what? They can't find the serial number for my SonicWall on their system and instead of keeping me up to date or fixing the problem on their end, they've totally ignored everything and I'm having to call EVERY DAY to get them to tell me the same shit, that they're researching it on their end but can't send the replacement out until they find the serial number in their system. WTF is going on with SonicWall? Your systems have an issue with missing serial numbers? Your staff can't communicate and follow up? When the SonicWall is under warranty and is no longer working, I need a new one ASAP. That's your promise to your customers. I'm so livid right now, no one I've spoken to gives a shit. Not one person has reached out to follow up on this, and this is day 4. I should have had a replacement sent next day. Totally disgusted with this experience.

u/djhaf — 23 hours ago

NetExtender 10.3.5 released - introduces DTLS - is it enabled by default?

The release notes mention that NX 10.3.5 adds DTLS support for improved latency especially in time sensitive applications.

I don’t see any additional settings in the NetExtender client GUI, and don’t remember anything in the last firewall firmware release about DTLS.

Should we assume DTLS is on by default in 10.3.5?

Does it require a specific firmware version on the firewall?

Does it need to be enabled at install of NX 10.3.5 by command line switches perhaps?

Hoping perhaps the SonicWall rep who often posts here can clarify as struggling to find more info than what is in the release notes at the moment.

EDIT - Also while we’re here:

NetExtender 10.3.5 force disconnects sessions after the “Inactivity Timeout” setting configured in the firewall, regardless of whether the session is inactive or active.

Watched this happen in real time - our Inactivity Timeout setting is set to 90 minutes. Had a user connected actively working, as soon as their session time hit 90, they were disconnected.

Can only assume NX 10.3.5 is not communicating activity properly to the firewall and so the firewall thinks sessions are constantly inactive.

Another NX release, another bug!

Thanks!

u/greenstarthree — 3 days ago

No IP address on NSA3600 HA

Greetings!

I have a pair of NSA3600s configured for high availability mode.

X10 is a cable modem
X11 is a cellular modem

I cannot get an IPv4 address on X10, but it will get an IPv6. This seems to be forcing them to fall back to X11, the cellular connection.

I’ve exhausted what I can think of, even had cable come out and check things which all checked good.

Any ideas?

u/DefinitelyNotWendi — 3 days ago

SonicWall Cloud Secure Edge Login doesn’t work on first try

We have on-prem LDAP Auth established and sometimes CSE Login doesn’t work on first try. Browser opens, the User logs in, it says "successful, please close browser tab" and after that nothing happens in CSE App. Most of the time, it works on the second try. Sometimes a third try is needed.

Is this a known issue and fixable somehow?

u/PoisonousTrick — 4 days ago

TCP Flood Warnings after install of CSE client

Installing CSE to replace SSL VPN. I've installed the client on a PC and when the client is in the office (on the X0 Subnet), it is giving me TCP flood warnings. The interesting thing is that it is between devices that are both on the X0 subnet. I added the MAC address of the X0 subnet to the Trusted network and the CSE client says the Service tunnel is disconnected. This traffic should not even be hitting the firewall.

Possible TCP Flood on IF X0 - src: 10.xx.x.xx:7680 dst: 10.xx.x.xx:61273

Any Ideas???

u/Blackhawk_2181 — 4 days ago

LTE failover solutions for 7th Gen firewalls

Has anyone deployed a solid secondary LTE WAN failover solution with 7th gen SonicWalls, specifically the TZ470?

Looking for feedback on:
- Reliable LTE modem/routers and data plans - I’m on the East side of the US and I use a cheap LTE modem with an AT&T data plan

- Improving failover - I sometimes have to force the failover by disconnecting WAN1 or rebooting the Sonicwall

Primary ISPs vary by site, but all locations have static public IPs on the primary circuit. Considering LTE strictly for backup connectivity.
Would appreciate any deployment lessons learned or hardware recommendations.

u/brickponbrick — 7 days ago

Zone Security Type for VLANs

I'm setting up a new NSa. My understanding is that the recommended method for working with VLANs on SonicWALLs is to use different zones for each VLAN.

My question is which Security Type to use for each VLAN. I don't want any of them to trust each other unless I specifically set up a rule. Common sense tells me to use Public for all of them. Is this correct?

u/Stryker54141 — 7 days ago

Cloud Backups on Firmware Version 8.2.1

Looks like cloud backups were removed in firmware version 8.2.1. I guess they are not planning on bringing it back.

u/morelife2122 — 7 days ago

Credential audit database download fail

Firewall logs are spamming the error:

'credential auditor file download failed'

Device has internet access and DNS is resolving correctly. Any idea how I can clear the error and download this DB?

u/DarkAlman — 7 days ago

Sonicwall GMS to NSM Migration (or lack thereof).

Currently GMS 9.4. On Prem.
Not going to upgrade to 9.5 for the snapshot.
NSM Environment setup. Some tenants migrated.

Hurdle - 7-day APSS reporting schedule.
Something PCI-Friendly.
Need across all tenants - same report details every client.

Any advice? If my APSS licenses only have 7-day analytics reporting, does that insinuate that I can only pull 7 days of data per report period, or is that only a retention for real-time cache data?

Thanks Much!

u/lol-tothebank — 9 days ago

Is it true SonicWall GVC genuinely cannot support LAN-initiated traffic to a connected GVC client virtual IP?

Is it true SonicWall GVC genuinely cannot support LAN-initiated traffic to a connected GVC client?

Remotehost can ping Lanhost, but Lanhost cannot ping the virtual IP of remotehost.

The tech said: GVC is client-to-server only, LAN can't initiate to a GVC client without site-to-site. Is that a fundamental mischaracterization of IPSec? — SAs are inherently bidirectional. The reason LAN→GVC reverse traffic works in countless other SonicWall deployments is exactly that.

What the packet monitor actually shows is a **routing failure, not a tunnel-direction failure**:

- "in X0, out --, Initiator Route: None / Responder Route: None — dropped before policy"

- That means the firewall did a route lookup for 192.168.3.x(virtual IP), found only the X4 connected route, tried to forward via X4, and there was no usable next hop (link-down → no ARP). It was never an SA/tunnel decision.

Should I push back? Ask them specifically: "Per packet monitor, the drop reason is 'no route', not an SA/policy decision. Why does SonicWall publish an interface-independent DHCP scope option for GVC if LAN→GVC is impossible by design?"

u/Proof-Experience-502 — 9 days ago

Sonicwall CSE App Crash 4.2.0 / Service service terminated unexpectedly

Hello all!

We just recently upgraded all of our clients /CSE Apps to the most current (4.2.0) and are getting constant application crashes. Our firewalls are patched to the newest firmware. Devices are on Windows 11 25H2. Event log gives us -

- The Sonicwall CSE Admin Service service terminated unexpectedly. Event 7034
- The Sonicwall CSE Wireguard Service service terminated unexpectedly. Event 7034
- The Sonicwall CSE Updater Service service terminated unexpectedly. Event 7034

We have rolled back which seems to fix the issue but obviously not ideal. I do have a ticket open with Sonicwall currently, but my experience with another unresolved issue recently with CSE support has not left me confident they will resolve.

Anyone experiencing anything similar?

u/Last-Yogurt6833 — 11 days ago

Multiple DHCP Server Alert 1068

I have a setup where wired devices are getting DHCP from the domain controller, and wifi devices are getting DHCP (in two different VLANS) from the Sonicwall. Not sure if this is best practice, but it all works fine.

I'm getting repeated alert 1068s from the Sonicwall for "Multiple DHCP Servers are detected on network". Well, yes - there are 2, so that seems right. I cannot find a way to configure the Sonicwall to expect 2 as the normal condition and then alert if it ever detects >2. I think that only leaves the choice to turn off this alert, lest I continue to get spammed with these alerts. The IP address in the alert is the domain controller, so I can only presume (since this alert is not elaborated upon in any documentation I have found) that the alert is triggered if it finds DHCP traffic going anywhere but the DHCP configuration on the Sonicwall itself. This would lead to the conclusion that this alert doesn't work at all if the Sonicwall isn't doing DHCP at all, but who knows.

I have enabled DHCP Guarding on the switches (Unifi) and specified the 2 known DHCP servers, but that hasn't changed the problem, which seems to support this conclusion.

Am I doing anything wrong here? Is there a configuration I'm missing that would let that alert work as desired?

u/EmicationLikely — 12 days ago

Current networking infra is all over the place. Which brand do I choose?

Hey all. Just taken on an IT manager role and inherited infrastructure that needs some work. Gonna propose a hardware refresh and want some outside input before the quotes come through.

The setup:

10 sites, head office plus 9 remote construction cabins

All sites running SonicWall firewalls, Netgear switches, Unifi APs

Head office is different, it's been refreshed already and is all Unifi (switches, APs, CloudKey)

Only 2 of the SonicWalls are still in support, so the rest need replacing

Our VAR is quoting us on three options: SonicWall, Fortinet, and Unifi.

  • SonicWall - already in place everywhere, and 2 units don't need replacing at all since they're still current. Least disruption by far. Also our end users are already using SonicWall's client VPN for accessing our fileserver.
  • Fortinet - I came from a Fortigate environment so I actually know my way around it a bit. Not sure how much weight to give that when making the call though.
  • Unifi - apparently the cheapest option and would tie everything in with the head office setup. Main concern I keep hearing is that it's not really up to scratch as a proper security appliance according to industry friends who know networking and security better than I do, specifically around tweaking IPS and web filtering. Not sure if that's a fair criticism, as I'm taking their word for it.

Networking isn't my strongest area. Is Unifi actually viable for a setup like this or is it more of a home/prosumer thing? And is the familiarity argument for Fortinet actually worth anything in practice? The VAR seems to think Unifi will be my best bet and doesn't place too much importance on the lack of tweaking ability for security policies etc. as that's more an endpoint configuration thing nowadays and it's irrelevant when people work from home. But that statement "feels" like a cop-out, I just can't articulate why.

Opinions greatly appreciated as this'll be a costly change and I am motivated to get it right. Thanks so much in advance.

u/Ambitious_Active8539 — 14 days ago

Is it safe to convert the settings of a firewall twice to match a compatible firewall?

I need to migrate from SM 9200 to NSa 6800 but it's not supported, either by converting or by direct import.

So, I am planning to convert the SM 9200 settings to a Gen 7 firewall say, NSa 5700, and import it directly into the NSa 6800.

Is this recommended?

u/Inside-Office-9343 — 13 days ago

Sonicwall Verizon FIOS issues

Anyone having issues where their Sonicwalls are going offline behind Verizon FIOS?

I'm able to ping the Verizon ISP gateway and firewall IP, but the device is dropping the connection. I've disabled probing the SonicWall responder.

u/RSeelochan84 — 14 days ago