OT: SBS BPA behid a SonicWALL TZ 180

Hello!

I am posting this message to save others some time trying to figure out why
they may not be able to update the SBS BPA. On my SBS, which sits behind a
TZ 180 with UTM services enabled (running firmware 3.9.0.0), I get an error
stating "An error occurred trying to access the web" every time I try to
update the BPA. I changed the SBS default gateway to a Freedom9 freeGuard
100 with UTM enabled, and the update works normally.

I went back to the TZ 180 as the gateway and I got the same error. The TZ
log shows the following:
03/23/2008 12:09:36.933 Possible port scan detected 207.46.19.190, 80,
WAN, wwwbaytest1.microsoft.com 67.x.x.x, 4673, WAN, mail.mydomain.net TCP
scanned port list, 4623, 4627, 4629, 4631, 4671




I am going to trust that site (wwwbaytest1.microsoft.com) to get around it.
I hope this saves someone some frustration!

Gregg Hill

 

Some more info.

It is the TZ 180's IPS that blocks it if "Medium" level threats are blocked.

03/23/2008 12:33:19.233 IPS Detection Alert: WEB-CLIENT Nested OBJECT
Tag Attempt, SID: 3182, Priority: Medium 207.46.19.190, 80, WAN,
wwwbaytest1.microsoft.com 192.168.16.10, 45332, LAN



Still trying to find a way to allow MS to work and still block the bad guys.

Any of you WatchGuard fans having this problem with IPS enabled aggressively
(block high, medium, and low threats)?

Gregg Hill