I am currently using SentinelOne through an MSSP, which has a fully staffed 24x7 SOC. The MSSP just issued a 10% price increase, so my unit cost is almost $10 per month. They are talking about soon requiring an annual contract, with minimum unit/price requirements.
My new partner channel rep has suggested that via the SecureFirst Service Provider program, I can get Capture Client Premier plus the new MDR service (Solutions Granted SOC) for less than $10, along with monthly payments through distribution, no annual commitment, and no contract. The downside is I would have to implement Capture Client for both SonicWall managed and non-managed clients.
But the very last thing I want to do is implement another SW solution that is not road-ready (or half-baked), which causes frequent (or infrequent) problems for my clients, and consumes huge amounts of my time to try to get fixed.
After our 3-year license expires at the end of this year, I will be running FAR away from the capture client product. The amount of management overhead and issues directly relating to the Sonicwall integration of the S1 piece is extremely frustrating and has needed extraordinary amounts of management and troubleshooting. You don't get direct access to the S1 tenant, which makes things like setting users for API keys, etc. cumbersome with having to reach out to Sonicwall support to do it for you. We've had several issues with device control that are set to be "fixed" with the next release in April. I'm waiting on feedback on how they're integrating with the endpoint firewall control piece that S1 offers still. I love Sentinelone and have used it in my prior MSP experience. We saw the good deal and a better way of deploying certificates for DPI SSL and went for it when I started as a 1 person IT shop, however the amount of management overhead and crappy integration has ended up costing more in manpower. In the 3 years we've had it, I have not seen much movement in adding features or improving stability between the products.
Good morning Larry, and thank you for this post. Sorry to hear about your journey with your current provider and S1 price increase. I am the former CEO of Solutions Granted and now EVP of MSS here at SonicWALL. I have some better news for you when it comes to S1. We are capable of providing you MDR for S1 today and the price is more friendly than what you are hearing. We can also migrate your current S1, which will require no changes other than billing and a lower rate :) Please email me and I will get you in touch with the right team member to assist.
In 2020 and 2021 I devoted incalculable hours to try to come to grips with SonicWall's NSM offering. The expenditure of those countless hours soured me on the product altogether. Finally, in 2024, NSM is approaching a more solid offering and maybe by 2026 (if the release notes continue on their almost monthly pace) I would re-consider suggesting to my client base.
My primary concern is that Capture Client in 2024 is as "broken" as NSM was back in 2020/2021. In other words, it is a product I can't trust for a very long time because uptake, budget, and whatever goes on in the background at SW, is preventing things from being fixed. I've been a Sonicwall fan-boy for a very long time; however, I simply refuse to go through that kind of horror once again.
In the six weeks since I originally posted, I learned my MSSP will be offering Heimdal's MXDR solution for one dollar more than SentinelOne. This product contains a dozen additional features that match other vendor offerings. The primary distinction is the ability to use one pane of glass (sound familiar?) to manage DNS filtering, Application Control, UAC management, and lots more. I will not consider using Capture Client.
Does anyone have a step-by-step installation guide for Capture Client on Windows Server 2019? I get into a strange loop when I try to install Capture Client. The client will turn green at some point and then say it wants to reboot. (I think this is normal because all other endpoints are installed properly and also had this.) When I reboot, the client is yellow again and says that SentinelOne is not installed, and then it wants a reboot, and this continues endlessly.
Although the management site and everything I've clicked on does come up now, there seems to be a major communications issue between the clients and the management servers. I have numerous systems which are currently online (including my desktop and laptop), yet the Capture Client icon shows Offline. If I open the client app on those systems, Device Status shows as Connecting...
Worse, I'm still trying to complete our rollout of SWCC, and I can't get it installed due to the new installation not registering with the server and completing installation of the Sentinel One client.
Hello @mangonacre, I'm sorry to hear about this inconvenience. Can you PM your case number to me so that I can escalate? BTW I have removed the duplicate post that you are referring to. No problem at all.
I never did get a case number. The call connection broke when I was trying to get the case started. I called again and waited on hold for another long while. During that time, the client I was trying to get installed finally registered with the server and I was able to complete the installation. So I hung up.
At this time, the site seems to be responding for the most part, and some of the client systems that were showing CC was offline are now showing online. But there remain several of them that are currently up and running (for instance, my laptop) and still showing last contact from the client was hours ago. This is not the first time I've seen this, either. I'm not going to try any other installations until I see proper communication from all clients, so I hope it clears up soon.
I've pretty much lost all confidence in this product, and regret the purchase. It may be an "inconvenience" today, but the fact that this seems to repeatedly happen with their systems raises serious questions as to how we would be able to manage or remediate an active threat, especially one that affected a server.
My experience was similar to ASchultz's above, where the next morning, all affected clients were finally communicating properly with the servers and downloading SentinelOne updates. I haven't had a problem since Dec 16. What you're experiencing now might be due to a regional issue that's not hitting me (yet).
That said, I did open a case for it on Dec 15 which has not been addressed at all by SonicWall support. Combine that with the fact that when you go to the Support section in MySonicWall, you can only create an email-based case, and it is automatically assigned a severity of 3 with no way for you to change that. You can still find the support number through Google, but back on Dec 15, I spent a half hour on hold before someone picked up, and then was suddenly disconnected before the case could be created. I tried calling back, but was again stuck on hold for over 30 minutes. And of course, nothing posted here by any SonicWall representative even acknowledging a problem occurred.
Not sure why the client upgraded for you even though you have the policy set to a lower version. I've not had that issue. But I do want to make sure you're aware that 3.6.30 consumes a good bit of CPU cycles when the Content Filter is active: "High CPU due to system process swcfdrv64.sys+0x998c after update to CC 3.6.30." I rolled back to the "General Release" of 3.6.24 until they get that bug worked out. Supposedly it was resolved in 3.6.31, but it's back to being listed under Known Issues for 3.6.33. (And there isn't even a Release Notes update for 3.6.34...)
All the site-to-site connections work. The one holdout GVC install (me) works just fine. Prior to the changeover the SSL clients worked just fine; however, "tunnel all" mode isn't wanted because it prevents Zoom, Teams and Outlook O365 connections from working on the remote host. We also don't want them streaming music through our WAN. Users are currently working off the old firewall till I get this solved.
This is not usual behavior. May I request you to please check the client routes again and make sure that the dummy network is added to them, and also under VPN access for the SSL VPN service group. We have a KB addressing a similar error: -base/error-connection-failure-no-routes-found-in-netextender-for-sslvpn-connection/170503292558209/.
So, we have an annoying problem that when NetConnector VPN connections are made, client web browsing becomes sluggish. It doesn't die, it just introduces a pause of about 5 seconds before any url can be reached.
Google-fu reveals something called split-tunneling which, as far as I can tell, allows you to specify what type of traffic goes through the VPN client. However this is enabled and tracert suggests web traffic is indeed travelling through my local IP and not the assigned 10.1.1.x address the VPN gives me.
Also the user that you are testing with, should only have internal networks in VPN access section. You should also check that it is not inheriting some bad access due to user groups that it is part of. It shows inherited if it is getting something from another group.
You would need to check if there are any unnecessary SSLVPN client routes or VPN access added to the client you are testing with. Also, is this SSLVPN connection made to a firewall or an SMA appliance? And what firmware are you running on the appliance you are connecting to?
I am having an issue where WiFi clients on the main SSID cannot communicate with each other if they are wireless. They CAN communicate with LAN resources. Just not WiFi client to WiFi client. I know some routers call this AP Isolation. But I can't find anything like that on the Sonicwall TZ-200.
On SonicWALLS, in version 5.x (and 6 too, I imagine) this is known as "Interface Trust". To adjust this setting, go to Network -> Zones and check the box to "Allow Interface Trust" to resolve this issue.