Smart questions
Smart answers
Smart people
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Member Login
Remember Me
Forgot Password?
Join Us!

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips now!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
Join Tek-Tips
*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

LINK TO THIS FORUM!

Add Stickiness To Your Site By Linking To This Professionally Managed Technical Forum.
Just copy and paste the
code below into your site.

Tek-Tips LinkedIn® Group

Partner With Us!

"Best Of Breed" Forums Add Stickiness To Your Site
Partner Button
(Download This Button Today!)

Feedback

"...This has been the MOST helpful forum that I have been a part of and I want to say thank you. The tips, tricks and helpful advice that you all contribute to have been lifesavers in many instances..."
More...

Geography

Where in the world do Tek-Tips members come from?
Click Here To Find Out!

Tek-Tips Shirts!

Get Tek-Tips Swag
Get your
Tek-Tips Forums
SWAG here!
Home > Forums > Data Transmission > Communication Protocols > TCP/IP Forum

Sonicwall E5500 and IP Spoofing

thread581-1686385
Read More Threads Like This One
chieftan (MIS)
21 Jun 12 5:02
Hopefully this will be a relatively simple question for someone to answer as it is not a technical or config question, merely if I am understanidng something correctly:-

Yesterday evening I was configuring the E5500 for Global VPN connectivity and it was all working fine. I made a simple IP Address change and lost GUI connectivity to the device. I could still SSH, so I ssh'd in and made relevant changes. Went back to the WebGUI but still could get no access. I could do anything via CLI but nothing via WebGUI. In the end I left it.

I came into work this morning and tested and Voila, with no changes I can, again, access the system via the WebGUI.

Upon checking the log files, I noticed that just before I lost the GUI access I had an event stating "IP Spoof detected - dropped".

So, here is the question:- On the Sonicwall devices, or for that matter any firewall, if an IP Spoof is detected does the firewall automatically stop HTTP connectivity to itself for a given period of time?
cajuntank (IS/IT--Management)
21 Jun 12 13:32
Sounds like it took a while for the ARP table to update. So there are devices on your network (routers, switches, firewalls, etc...) that will track MAC addresses associated with IP addresses. It sounds like when you changed the IP address on the Sonicwall, some ARP entries did not update in it or some other piece of equipment, more than likely a switch.
Read More Threads Like This One

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Back To Forum

Back To TCP/IP

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close