sonicwall tz 170, not allowing web traffice into lan/to web server.
hi weve got a sonicwall tz 170, and ive attached the diagnostic report, if anyone here know how to read them.
but basically, i setup a small wamp apache web server on the server, i can access from inside the lan, but from outside nogo.
i think i have the sonicwall set to take http traffic and direct it to 192.168.51.23 [our server]
but its not going thru, just comes up bad page.
we dont have the contract support with sonicwall any longer, thus we cant call them for assistance.
help
thanks
marc
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.
Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
thanks,
we have only one public ip address, thus the opt port is not a go for this situation.
i dont see where i can upload the diag report of the sonicwall, where do i add a file to submit to this open question.
either way, port frwarding is enabled to the correct private ip of the server, but its not working properly.
marc
Status
Serial number 0006-B105-9EC8
Registration code: 7UY5VDER
Product Code: 521; Base Product Code: 521
Board ID: 0x0
01/25/2007 10:55:53.000
SonicWALL has been up: 1 Day, 18 Hours, 59 Minutes, 17 Seconds
Firmware version: SonicOS Standard 3.1.0.15-95s
No debug symbols in firmware
restartRequired: False
Revision: 3.1.0.15-95s
ROM version 2.0.0.3
Previous firmware version: 2.2.0.1
min firmware for this hardware: SonicOS Standard 3.1.0.15 Standard
max firmware for this hardware: 0.0.0.0
vers check err: 0
Crypto level: domestic
VPN Hardware Accelerator Detected
Processor= "SonicWALL Security Processor"
Model= TZ 170 Standard
Resource language: eng
RAM size: 64 M
Flash size: 8 M
Flash type: TC58FVM6T2A
Configured interface settings:
WAN: Auto Negotiate
LAN: Auto Negotiate
OPT: Auto Negotiate
Active interface settings:
WAN: 100 Mbps, Full Duplex
LAN: 100 Mbps, Full Duplex
OPT: No connection detected
CPU Monitor
CPU Monitor:
Current 1s CPU Utilization: 15.00%
Current 10s CPU Utilization: 17.00%
Total Average CPU Utilization: 1.45%
CPU Utilization Per Process:
# Name PC PRI Total% (secs) Curr% (secs)
--- ----------------- ---------- --- ------------- -------------
1. tNetTask 0x8035b780 50 0.58 (898.85) 13.33 (0.13)
2. tTimerTask 0x8035b780 50 0.83 (1289.45) 1.67 (0.02)
3. tWebMain 0x800a43e0 50 0.02 (33.40) 0.00 (0.00)
4. tMainLogTask 0x803e5600 50 0.01 (13.38) 0.00 (0.00)
5. tDEACheckDEAServer 0x803c23c4 104 0.00 (7.67) 0.00 (0.00)
6. tAlertLed 0x8035b780 40 0.00 (3.32) 0.00 (0.00)
7. tWebMainS 0x8035b780 50 0.00 (0.33) 0.00 (0.00)
8. tNtp 0x803c23c4 254 0.00 (0.20) 0.00 (0.00)
9. tMyArpTask 0x803e5600 45 0.00 (0.10) 0.00 (0.00)
10. tExcTask 0x803e5600 0 0.00 (0.02) 0.00 (0.00)
11. tTmrTask 0x803c23c4 15 0.00 (0.00) 0.00 (0.00)
12. tCLI 0x8035b780 10 0.00 (0.00) 0.00 (0.00)
13. tSysMonitor 0x803c23c4 10 0.00 (0.00) 0.00 (0.00)
14. tIkeMsgTask 0x803e5600 50 0.00 (0.00) 0.00 (0.00)
15. tSwSnmpTrapd 0x803e5600 50 0.00 (0.00) 0.00 (0.00)
16. tWebListenS 0x8035b780 50 0.00 (0.00) 0.00 (0.00)
17. tWdRbTask 0x8035b780 8 0.00 (0.00) 0.00 (0.00)
18. tWdTask 0x803c23c4 8 0.00 (0.00) 0.00 (0.00)
19. tIpFragClean 0x803c23c4 55 0.00 (0.00) 0.00 (0.00)
20. tDHCPC 0x803e5600 100 0.00 (0.00) 0.00 (0.00)
21. tDHCP 0x8035b780 100 0.00 (0.00) 0.00 (0.00)
22. tDHCPrefresh 0x803e5600 101 0.00 (0.00) 0.00 (0.00)
23. tGSCLiveCheck 0x803c23c4 103 0.00 (0.00) 0.00 (0.00)
24. tLogTask 0x803e5600 0 0.00 (0.00) 0.00 (0.00)
25. tCRL 0x8035b780 128 0.00 (0.00) 0.00 (0.00)
26. tSnmpd 0x8035b780 150 0.00 (0.00) 0.00 (0.00)
27. tSnmpTmr 0x803e5600 200 0.00 (0.00) 0.00 (0.00)
28. tChkCable 0x803c23c4 200 0.00 (0.00) 0.00 (0.00)
29. tRandSeedTask 0x803c23c4 200 0.00 (0.00) 0.00 (0.00)
30. tTODTask 0x803c23c4 200 0.00 (0.00) 0.00 (0.00)
31. tDDNSS 0x8035b780 225 0.00 (0.00) 0.00 (0.00)
32. tResetSwitch 0x803c23c4 245 0.00 (0.00) 0.00 (0.00)
33. tMzZgc 0x803c23c4 250 0.00 (0.00) 0.00 (0.00)
34. tDcacheUpd 0x803c23c4 250 0.00 (0.00) 0.00 (0.00)
35. tIkeUdpTask 0x8035b780 50 0.00 (0.00) 0.00 (0.00)
Task Total 1.45 (2246.72) 15.00 (0.15)
Idle 98.55 (152495.27) 85.00 (0.85)
System 0.00 (0.02) 0.00 (0.00)
CPU Utilization History for Last Minute (60 seconds ago --> now):
2,2,2,5,0,2,0,2,0,3,0,2,2,
CPU Utilization History for Last Hour (60 minutes ago --> now):
2,3,3,3,3,3,2,3,3,5,3,5,5,
CPU Utilization History for Last Day (24 hours ago --> now):
0,0,0,0,0,0,0,0,0,0,0,0,0,
CPU Utilization History for Last Month (30 days ago --> now):
0,0,0,0,0,0,0,0,0,0,0,0,0,
Process Monitor
Process List:
# Name PRI STATUS PC StackPtr Size Curr Margin TaskId
--- ----------------- --- -------- -------- -------- ----- ----- ------- -------
1. tExcTask 0 PEND 803e5600 83fe3638 7984 264 7552 83fe3740
2. tLogTask 0 PEND 803e5600 83fe0b08 4992 264 4672 83fe0c10
3. tWdRbTask 8 PEND 8035b780 82176b20 992 96 632 82176b80
4. tWdTask 8 DELAY 803c23c4 82178c60 7984 128 7432 82178ce0
5. tCLI 10 PEND 8035b780 82172760 19984 528 18496 82172970
6. tSysMonitor 10 DELAY 803c23c4 83973198 4080 120 3448 83973210
7. tTmrTask 15 DELAY 803c23c4 836867b0 29984 112 29640 83686820
8. tAlertLed 40 PEND 8035b780 83842190 3984 128 3664 83842210
9. tMyArpTask 45 PEND 803e5600 8386a208 3984 344 3136 8386a360
10. tNetTask 50 PEND 8035b780 83eeb840 19984 176 13392 83eeb8f0
11. tTimerTask 50 PEND 8035b780 83873e90 32752 96 31280 83873ef0
12. tSwSnmpTrapd 50 PEND 803e5600 8217cf18 8176 280 7840 8217d030
13. tMainLogTask 50 PEND 803e5600 83845d18 10224 312 5840 83845e50
14. tWebListenS 50 PEND 8035b780 836001a0 19984 368 19368 83600310
15. tWebMainS 50 PEND 8035b780 836079a0 29984 192 25120 83607a60
16. tIkeMsgTask 50 PEND 803e5600 8360e450 8176 336 7656 8360e5a0
17. tWebMain 50 READY 803c2b98 83697068 29984 2920 19728 83697bd0
18. tIkeUdpTask 50 PEND 8035b780 83610548 8176 632 7488 836107c0
19. tIpFragClean 55 DELAY 803c23c4 83868b58 4080 136 3824 83868be0
20. tDHCPC 100 PEND 803e5600 8367efc8 9984 264 9664 8367f0d0
21. tDHCP 100 PEND 8035b780 835fb078 9984 600 8888 835fb2d0
22. tDHCPrefresh 101 PEND+T 803e5600 835f88c8 2496 216 2224 835f89a0
23. tGSCLiveCheck 103 DELAY 803c23c4 8249c140 9984 192 8336 8249c200
24. tDEACheckDEAServer 104 DELAY 803c23c4 824cf1d8 49968 120 43544 824cf250
25. tCRL 128 PEND 8035b780 83613048 9312 168 8776 836130f0
26. tSnmpd 150 PEND 8035b780 83b55648 28656 2776 25824 83b56120
27. tSnmpTmr 200 PEND 803e5600 83b571b0 4080 400 3624 83b57340
28. tChkCable 200 DELAY 803c23c4 83b58b18 4080 136 3744 83b58ba0
29. tRandSeedTask 200 DELAY 803c23c4 83866c20 5984 112 5816 83866c90
30. tTODTask 200 DELAY 803c23c4 83843390 3984 112 3664 83843400
31. tDDNSS 225 PEND 8035b780 82174a58 7984 120 7800 82174ad0
32. tResetSwitch 245 READY 803c23c4 83fe5f68 4080 136 3824 83fe5ff0
33. tMzZgc 250 DELAY 803c23c4 83b4d200 4080 112 3848 83b4d270
34. tDcacheUpd 250 READY 803c23c4 83fefbb8 4992 152 4696 83fefc50
35. tNtp 254 DELAY 803c23c4 8367c6a0 14992 256 11440 8367c7a0
Diagnostic
PB version = 119
registered = 1
Upgrade Level = 163
Watch Dog on = 1
ARP bridge on = 1
Clear DF (Don't Fragment) bit = 0
SYN Flood Prevention = 1
SYN Flood Prevention in Watch mode = 1
Don't Restart for Watchdog Task = 0
Use Ipsec Hardware In = 1
Use Ipsec Hardware Out = 1
Trace message level: Warning
HTTP/HTTPS Management via the WAN enabled (Be careful!!!)
Product
Product Code Value: 521
Language: eng
Short Model Name: TZ 170 Standard
Max SAs Allowed: 10
Max Connections: 6144
Connection Hash Size: 6143
Max Connections when using GAV/IPS: 6144
Connection Hash Size using GAV/IPS: 6143
Max Connected Users: No Limits
Max Local Users: 100
Max User Logins: 150
Max Firewall Rules: 100
HA Groupings: haGroupNone
VPN: UPGRADED, available
HA: NONE
Viewpoint: UPGRADED, available
One Arm Mode: UPGRADED, available
RIP Advertisement: UPGRADED, available
Web Pool Size: 1200
Max IFP Cache Size: 3072
Ethernet Loaner Buffers: 220
Max Queued Pkts: 220
Max Bwmgmt Rules: 20
Interface Names WAN/LAN/OPT
Modem Failover: No
Minimum Firmware Version: c000
Maximum Firmware Version: 0
ManyToOneOn: 1
AES Supported: 1
Fips140: 0
DHCPS Ranges: 255
DHCPS Leases: 1024
Enh Upgrade Code: 621
GMS firmware image name prefix: sw_tz170_s_eng_
maxIPSTCPConnections: 6144
maxGAVConnections: 6144
maxGAVConcurrentCompressed
maxIPS576ByteBuffers: 1000
maxIPS1500ByteBuffers: 1000
Update
Auto Update
fwauParamsShow parameter values:
autoUpdateEnabled: 1
fwNoticeVersion:
fwCurrentStatus: upToDate
fwUpdateVersion:
fwUpdateUrl:
fwRelnotesUrl:
fwUpdateImageSize: 0
fwUpdateImageHash:
updateCheckLastTimeStamp 01/24/2007 05:28:01.192
updateCheckSuccessLastTime
updateGetLastTimeStamp 01/00/1900 00:00:00.000
updateGetSuccessLastTimeSt
GST(strFirmwareAutoCheckSe
GST(strFirmwareAutoCheckUr
notice.notifyFirmwareChang
notice.releaseNotesVers: C000
Firmware update lookup at 5:28
Network
Network mode: NAT with PPPoE Client
LAN IP = 192.168.51.1
LAN Subnet Mask = 255.255.255.0
WAN/NAT public IP = 68.161.61.188
WAN Subnet Mask = 255.255.255.0
WAN Gateway = 10.32.97.1
Nat M21: 1
DNS Server1 = 68.237.161.12
DNS Server2 = 71.243.0.12
DNS Server3 = 0.0.0.0
cacheTimeout = 5
httpProxyName = ''
httpProxyPort = 0
Bypass Proxy server upon failure = 0
Forward OPT Client Requests to proxy server = 0
NetBIOS LAN->OPT = 1
NetBIOS OPT->WAN = 0
NetBIOS OPT->LAN = 0
NetBIOS LAN->WAN = 1
Stealth Mode = 0
Randomize IP ID = 0
IP Spoof Checking = 1
Enable IP Header checksum validation = 0
Enable TCP checksum validation = 0
Enable UDP checksum validation = 0
Enable ICMP checksum validation = 0
OPT in Transparent Mode
OPT Ranges:
Intranet Mode: No Ranges
Number of Intranet Ranges 0
Number of LAN Subnets 0
NAT 121: 0, num1To1Ranges=0
Routing Table:
Internal Routing Tree:
Routes currently in router
network mask (or range) gateway address gateway interface
0.0.0.0 0.0.0.0 10.32.97.1 WAN
10.32.97.1 255.255.255.255 0.0.0.0 WAN
68.161.61.0 255.255.255.0 0.0.0.0 WAN
68.161.61.188 255.255.255.255 0.0.0.0 LAN
192.168.51.0 255.255.255.0 0.0.0.0 LAN
192.168.51.1 255.255.255.255 0.0.0.0 LAN
255.255.255.255 255.255.255.255 0.0.0.0 LAN
LAN RIP Settings:
RIP Advertisement Disabled
OPT RIP Settings:
RIP Advertisement Disabled
RIP dynamic memory usage -- current: 0 bytes high: 0 bytes
Ethernet
Proxy Router Enet = 0
Router Enet: 00 00 00 00 00 00
ProxyPcMacOnWan = 0
PcMacAddrForWan: 00 00 00 00 00 00
Unique Mac Addrs = 1
WAN MAC: 00 06 B1 05 9E CA
LAN MAC: 00 06 B1 05 9E C8
OPT MAC: 00 06 B1 05 9E C9
Fragment outbound packets larger than WAN MTU: 1
WAN MTU: 1500
CP Wan MTU: 1492
WAN Ignore DF Bit for non-VPN traffic: 1
Bandwidth Management WAN: enabled: 0, available 20.000
Services
1, Any, 65535-65535, IP Type 255, logging
2, Authentication, 113-113, TCP, logging
3, Chat (IRC), 194-194, TCP, logging
4, Chat (IRC), 6666-6666, TCP, logging
5, Chat (IRC), 6667-6667, TCP, logging
6, Chat (IRC), 6668-6668, TCP, logging
7, Chat (IRC), 6669-6669, TCP, logging
8, Chat (IRC), 6670-6670, TCP, logging
9, Chat (IRC), 7000-7000, TCP, logging
10, Citrix, 1494-1494, TCP, logging
11, Citrix, 1604-1604, UDP, logging
12, Echo, 7-7, TCP, logging
13, Echo, 7-7, UDP, logging
14, Enhanced TV, 9000-9000, TCP, logging
15, File Transfer (FTP), 21-21, TCP, logging
16, Filemaker, 5003-5003, TCP, logging
17, Filemaker, 5003-5003, UDP, logging
18, Gopher, 70-70, TCP, logging
19, HTTPS, 443-443, TCP, logging
20, IMAP3, 220-220, TCP, logging
21, IMAP4, 143-143, TCP, logging
22, IPSec (ESP), 0-0, IP Type 50, logging
23, Kerberos, 88-88, TCP, logging
24, Kerberos, 88-88, UDP, logging
25, Key Exchange (IKE), 500-500, UDP, logging
26, LDAP, 389-389, TCP, logging
27, Lotus Notes, 1352-1352, TCP, logging
28, Name Service (DNS), 53-53, TCP, logging
29, Name Service (DNS), 53-53, UDP, logging
30, NetBios, 137-137, TCP, logging
31, NetBios, 137-137, UDP, logging
32, NetBios, 138-138, TCP, logging
33, NetBios, 138-138, UDP, logging
34, NetBios, 139-139, TCP, logging
35, NetBios, 139-139, UDP, logging
36, News (NNTP), 119-119, TCP, logging
37, NFS, 2049-2049, TCP, logging
38, NFS, 2049-2049, UDP, logging
39, NTP, 123-123, UDP, logging
40, PC Anywhere, 5631-5631, TCP, logging
41, PC Anywhere, 5632-5632, UDP, logging
42, Ping, 8-8, ICMP, logging
43, Ping, 0-0, ICMP, logging
44, PPTP, 1723-1723, TCP, logging
45, Quicktime, 554-554, TCP, logging
46, RealAudio, 7070-7070, TCP, logging
47, Retrieve E-Mail (POP3), 110-110, TCP, logging
48, Send E-Mail (SMTP), 25-25, TCP, logging
49, SIP, 5060-5060, UDP, logging
50, SNMP, 161-161, UDP, logging
51, SNMP, 162-162, UDP, logging
52, SSH, 22-22, TCP, logging
53, Syslog, 514-514, TCP, logging
54, Syslog, 514-514, UDP, logging
55, Telnet, 23-23, TCP, logging
56, Terminal Services, 3389-3389, TCP, logging
57, Terminal Services, 3389-3389, UDP, logging
58, TFTP, 69-69, UDP, logging
59, Timbuktu, 407-407, TCP, logging
60, Timbuktu, 407-407, UDP, logging
61, Timbuktu, 1417-1417, TCP, logging
62, Timbuktu, 1418-1418, TCP, logging
63, Timbuktu, 1419-1419, TCP, logging
64, Timbuktu, 1419-1419, UDP, logging
65, Timbuktu, 1420-1420, TCP, logging
66, Unix Printer (LPR), 515-515, TCP, logging
67, Video Conference (H323), 1720-1720, TCP, logging
68, Web (HTTP), 80-80, TCP, logging
69, Whiteboard (T120), 1503-1503, TCP, logging
70, HTTP Management, 80-80, mgmt, TCP, logging
71, HTTPS Management, 443-443, mgmt, TCP, logging
72, web access, 8185-8185, UDP, logging
73, web access, 8185-8185, TCP, logging
74, Gatekeeper (H323), 1718-1718, UDP, logging
75, Gatekeeper (H323), 1719-1719, UDP, logging
76, WGS External Authentication, 4043-4043, TCP, logging
77, NT Domain Login, 135-135, TCP, logging
78, NT Domain Login, 137-137, TCP, logging
79, NT Domain Login, 137-137, UDP, logging
80, NT Domain Login, 138-138, TCP, logging
81, NT Domain Login, 138-138, UDP, logging
82, NT Domain Login, 139-139, TCP, logging
83, NT Domain Login, 139-139, UDP, logging
84, NT Domain Login, 389-389, TCP, logging
85, NT Domain Login, 88-88, TCP, logging
86, NT Domain Login, 88-88, UDP, logging
87, NT Domain Login, 1025-1025, TCP, logging
88, ShoreTel Call Control, 5440-5440, UDP, logging
89, ShoreTel Call Control, 5441-5441, UDP, logging
90, ShoreTel Call Control, 5442-5442, UDP, logging
91, ShoreTel Call Control, 5443-5443, UDP, logging
92, ShoreTel Call Control, 5444-5444, UDP, logging
93, ShoreTel Call Control, 5445-5445, UDP, logging
94, ShoreTel Call Control, 5446-5446, UDP, logging
95, ShoreTel RTP, 5004-5004, UDP, logging
96, ShoreTel IP Phone Control, 2427-2427, UDP, logging
97, ShoreTel IP Phone Control, 2727-2727, UDP, logging
98, Tivo TCP Beacon, 2190-2190, TCP, logging
99, Tivo UDP Beacon, 2190-2190, UDP, logging
100, Tivo TCP Data, 8080-8080, TCP, logging
101, Tivo TCP Data, 8081-8081, TCP, logging
102, Tivo TCP Data, 8082-8082, TCP, logging
103, Tivo TCP Data, 8083-8083, TCP, logging
104, Tivo TCP Data, 8084-8084, TCP, logging
105, Tivo TCP Data, 8085-8085, TCP, logging
106, Tivo TCP Data, 8086-8086, TCP, logging
107, Tivo TCP Data, 8087-8087, TCP, logging
108, Tivo TCP Data, 8089-8089, TCP, logging
109, Tivo TCP Desktop, 8101-8101, TCP, logging
110, Tivo TCP Desktop, 8102-8102, TCP, logging
111, Tivo TCP Desktop, 8200-8200, TCP, logging
Rules
1, priority 1, HTTP Management, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 LAN
dst IP 192.168.51.1-192.168.51.1 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added y, for remote access n, auto-added mgmt y, timeout 5
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Auto-added management rule
2, priority 2, Terminal Services, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 WAN
dst IP 192.168.51.23-192.168.51.2
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 5
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
3, priority 3, PC Anywhere, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 WAN
dst IP 192.168.51.23-192.168.51.2
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 5
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
4, priority 4, Web (HTTP), Allow, Enabled
src IP 0.0.0.0-255.255.255.255 WAN
dst IP 192.168.51.23-192.168.51.2
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 5
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
5, priority 5, HTTPS Management, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 ANY
dst IP 192.168.51.1-192.168.51.1 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 5
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
6, priority 6, Key Exchange (IKE), Allow, Enabled
src IP 0.0.0.0-255.255.255.255 ANY
dst IP 192.168.51.1-192.168.51.1 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable y, auto-added y, for remote access n, auto-added mgmt n, timeout 5
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Auto-added inbound IKE rule
7, priority 7, Key Exchange (IKE), Allow, Enabled
src IP 192.168.51.1-192.168.51.1 LAN
dst IP 0.0.0.0-255.255.255.255 ANY
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable y, auto-added y, for remote access n, auto-added mgmt n, timeout 5
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Auto-added outbound IKE rule
8, priority 8, NetBios, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 OPT
dst IP 0.0.0.0-255.255.255.255 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added y, for remote access n, auto-added mgmt n, timeout 5
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Windows Networking Support
9, priority 9, Kerberos, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 OPT
dst IP 0.0.0.0-255.255.255.255 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added y, for remote access n, auto-added mgmt n, timeout 5
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Windows Networking Support
10, priority 10, Chat (IRC), Deny, Enabled
src IP 0.0.0.0-255.255.255.255 ANY
dst IP 0.0.0.0-255.255.255.255 ANY
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 5
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
11, priority 11, Any, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 OPT
dst IP 0.0.0.0-255.255.255.255 WAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 5
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
12, priority 12, Any, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 LAN
dst IP 0.0.0.0-255.255.255.255 ANY
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 5
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
Enable support for Oracle (SQLNet) is off
MSN
Enable support for Windows Messenger is off
SIP
Enable consistent NAT is off
Enable SIP Transformations is off
Permit non-SIP packets on signaling port is off
SIP Signaling inactivity time out is 1800
SIP Media inactivity time out is 120
Additional SIP signaling port is 0
Maximum VoIP Endpoints is 2048
SIP Endpoints
Contact Initiator Responder Life Bandwidth User-ID
--------------------- --------------------- --------------------- ------ ---------- -------
SIP Users: 0
SIP Calls
Endpoints Bandwidth Used Call-ID
--------- -------------- -------
SIP Calls: 0
H.323
Enable H.323 Transformations is on
Only accept incoming calls from Gatekeeper is off
Enable LDAP ILS Support is off
H.323 Signaling/Media inactivity time out is 300
Default WAN/OPT Gatekeeper IP Address is 0.0.0.0
Maximum VoIP Endpoints is 2048
H.323 Counters:
367 *INIT_DONE 1
H.323 RAS Endpoints
Endpoint Gatekeeper Call Signal Call Signal (Remap) Relax TTL Tx (Bytes) Rx (Bytes) User-ID
--------------------- --------------------- --------------------- --------------------- ----- ----- ---------- ---------- -------
H.323 RAS Users: 0
H.323 Calls
From To Bandwidth Used
---- -- --------------
H.323 Calls: 0
RTSP
Enable RTSP Transformations is on
gEnableRtspSupport : 1 rtsp_debug : 0
gRtspStatefulEnable : 1 gRtspMaxRetransmit : 4
gRtspTcpMaxWindowOos : 11680 gRtspTcpMaxWindowRetransmi
gRtspTcpDropped : 0 gRtspTcpDroppedOos : 0
gRtspTcpDroppedDuplicate : 0 gRtspTcpResyncOos : 27
gRtspUdpMaxWindow : 1024 gRtspUdpDropped : 0
gRtspUdpRtpDroppedSmallerW
gRtspUdpRtcpDroppedPacketT
gRtspUdpCacheLastDrop : 0x00000000 gRtspUdpWindowSkip : 10
gRtspUdpDropSkip : 0
gRtspDecodeNotC2SCommand : 91 gRtspDecodeNotS2CResponse : 5055
gRtspDecodeErrC2SCommand : 0 gRtspDecodeErrS2CResponse : 0
gRtspDecodeErrHeaderGet : 0 gRtspDecodeErrHeaderModify
Drop source routed IP packets is on
Users
Max local users 100, currently 17 configured
Max user logins 150
User Authentication Method = Local
User Inactivity = 5
Max User Login Time = 30
Administrator Name = admin
Administrator Timeout = 5
Allow only auth users to Internet = 0
Services to bypass Internet auth: Name Service (DNS),Name Service (DNS),Key Exchange (IKE)
URLs to bypass access rule auth:
Services to bypass VPN auth:
Enable user lockout on login failure: no
- Lock out user after 5 failed attempts in 1 minute
- Lock out user for 5 minutes
Acceptable use policy:
'(null)'
- Enable on LAN login: yes
- Enable on WAN login: no
- Enable on DMZ login: yes
- Enable on VPN login: no
- Window size: 460 x 310
- Window scrollbars: yes
Users:
1, administrator, Bypass-Filter=0, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
2, Dfaye.Anderson, Bypass-Filter=1, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
3, Ernest.Crane, Bypass-Filter=1, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
4, Fred.Cotton, Bypass-Filter=1, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
5, Hanifah.Bernier, Bypass-Filter=1, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
6, Herny.Salinas, Bypass-Filter=1, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
7, JamesP, Bypass-Filter=1, VPN Access=1,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
8, kathy, Bypass-Filter=1, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
9, Kimberly.Larosa, Bypass-Filter=1, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
10, KING, Bypass-Filter=1, VPN Access=1,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
11, Marc.Helfand, Bypass-Filter=1, VPN Access=1,
L2TP Access=1, VPN XAUTH Client=1, Ltd Mgmt=0
12, MarDonald, Bypass-Filter=1, VPN Access=1,
L2TP Access=1, VPN XAUTH Client=1, Ltd Mgmt=0
13, Patricia.Miller, Bypass-Filter=1, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
14, Philip.Jack, Bypass-Filter=1, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
15, Ruth.Daniel, Bypass-Filter=1, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
16, SamSouidi, Bypass-Filter=1, VPN Access=1,
L2TP Access=1, VPN XAUTH Client=1, Ltd Mgmt=1
17, Zacary.Lareche, Bypass-Filter=1, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
Users currently connected
Addr 192.168.51.236, flags 0x22
User admin logged in, max session 0 mins
Privs: Bypass-Filter=0, VPN Access=1,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
session 30 secs, inactivity 15 secs, status fetch 0 secs
------
User IP Tree: Total free entries: 100, currently free 99
User IP Logn: Total free entries: 10, currently free 10
User IP Url: Total free entries: 10, currently free 10
User IP Sess: Total free entries: 100, currently free 100
Cache hits: 4.80%
Management
HTTP Management: 1
HTTP Management Port: 80
HTTPS Management: 1
HTTPS Management Port: 443
Https Cert name: Use Selfsigned Certificate
Certificate Common Name: 192.168.168.168
Additional Management: None
SNMP
SNMP Disabled
System Name:
System Contact:
System Location:
Get Community Name: public
Trap Community Name:
Host 1:
Host 2:
Host 3:
Host 4:
SGMS Host :
SGMS Host Trap Port = 162
Standby SGMS Host:
Standby SGMS Host Trap Port = 162
Content Filtering
Content Filter Type: CFS
Apply Content Filter on:
: LAN: 1
: OPT: 1
Restrict WEB Features:
ActiveX: 0
Java: 0
Cookies: 0
WebProxy: 0
Known Fraudulent Certificates: 0
Don't block Java/ActiveX/Cookies to Trusted Domains: 0
Custom List: Trusted Sites
number of trusted URLs 1
1: www.fasttrackcatalog.com
webBlockMsg: WildCat Services Corp. - Unauthorized site.
webPoolSize = 1200
wtHighWater = 99
SonicWALL Content Filter
block custom URLs: 1
allowOnlyAllowedDomains: 0
blockURLKeywords: 1
Custom List: Allowed Sites
num allowed URLs 19
1: edvideo.thirteen.org
2: http://edvideo.thirteen.or
3: http://edvideo.thirteen.or
4: http://test.edperformance.
5: http://www.edperformance.c
6: http://www.thirteen.org/ed
7: www.acronymfinder.com
8: www.fasttrackcatalog.com
9: www.jvlwildcat.org
10: www.learner.org
11: www.magicbymarc.com
12: www.mail2web.com
13: www.pearlpaint.com
14: www.pricegrabber.com
15: www.sneakergame.com
16: www.systemsservicesinc.com
17: www.thirteen.org
18: www.unitedstreaming.com
19: www.utrecht.com
Custom List: Forbidden Sites
num forbidden URLs 214
1: 64.72.123.156
2: 64.72.125.239
3: astrozine.astrology.com
4: comics.ign.com
5: http://adam4adam.com/
6: http://coolkicks.com
7: http://liveleak.com
8: http://websiteproxy.com
9: http://welivetogether.com
10: http://www.adam4adam.com/
11: http://www.aimtoday.com
12: http://www.bj.com
13: http://www.fhm.com/
14: http://www.fhmus.com/
15: http://www.juelz.com
16: http://www.ltunnel.com
17: http://www.maxim.com
18: http://www.myspace.com
19: http://www.proxy-pro.com
20: http://www.publicproxyserv
21: https://64.72.123.156
22: https://64.72.125.239
23: https://hidebehind.com
24: https://hidebehind.com/
25: https://schoolbypass.com
26: https://www.hidebehind.net
27: https://www.unblockweb.net
28: https:\\:www.hidebehind.ne
29: https:\\www.hidebehind.net
30: https:www.hidebehind.net
31: myspace.net
32: proxy
33: welivetogether.com
34: www.23isback.com
35: www.3proxy.com
36: www.3proxy.net
37: www.3proxy.org
38: www.adam4adam.com
39: www.aim.com
40: www.aimexpress.com
41: www.aimtoday.com
42: www.airjordans.com
43: www.allhiphop.com
44: www.americansingles.com
45: www.angelfire.com
46: www.anysonglyrics.com
47: www.aol.com
48: www.aresgalexy.com
49: www.astrology.com
50: www.azlyrics.com
51: www.b20vtec.com
52: www.backfox.com
53: www.badmantime.com
54: www.bearshare.com
55: www.bebo.com
56: www.bizrate.com
57: www.bj.com
58: www.blackplanet.com
59: www.bloods.com
60: www.boostmobile.com
61: www.browsespace.com
62: www.bumfights.com
63: www.cankicks.com
64: www.chat-avenue.com
65: www.cheatcc.com
66: www.cheatplanet.com
67: www.cinproductions.com
68: www.cinteenbash.com
69: www.coolkicks.com
70: www.dapslyrics.com
71: www.defjam.com
72: www.dipsetmixtapes.com
73: www.dirtbike.com
74: www.dirtbikemagazine.com
75: www.dontblinkmixtape.com
76: www.downelink.com
77: www.eastbay.com
78: www.ebay.com
79: www.ejams.com
80: www.el-ladies.com
81: www.espn.com
82: www.expage.com
83: www.facebook.com
84: www.fhm.com
85: www.fhmus.com
86: www.flash163.net
87: www.flashportal.com
88: www.flowgo.com
89: www.footlocker.com
90: www.forbidden100.com
91: www.freshmeat.net
92: www.g-unitsoldier.com
93: www.g-unitworld.com
94: www.galleryofguns.com
95: www.gamepro.com
96: www.gamerscircle.com
97: www.gamewinners.com
98: www.gangsta411.com
99: www.ghostclick.com
100: www.gunitworld.com
101: www.harlemdiplomates.com
102: www.helpmehide.com
103: www.hi5.com
104: www.hidebehind.com
105: www.hidebehind.net
106: www.hiphipgames.com
107: www.hxcmp3.com
108: www.ign.com
109: www.imeem.com
110: www.imesh5.com
111: www.instantunblock.com
112: www.instantunblock.net
113: www.instantunblock1.com
114: www.jkickz.com
115: www.jlo.net
116: www.juelz.com
117: www.kazaa.com
118: www.latinosunido.com
119: www.launch.com
120: www.launch.yahoo.com
121: www.lavalife.com
122: www.lightproxy.com
123: www.lilkim.com
124: www.lilkimzone.com
125: www.limewire.com
126: www.links2love.com
127: www.liveleak.com
128: www.lloydbanksonline.com
129: www.localhookupz.com
130: www.lyrics.com
131: www.lyricsdownload.com
132: www.match.com
133: www.maxim.com
134: www.mi-gente.com
135: www.migenta.com
136: www.migenta.org
137: www.migente.com
138: www.migentecafe.com
139: www.miniclip.com
140: www.mixtapez.com
141: www.mixunit.com
142: www.msn.com
143: www.mtv.com
144: www.myniggaspace.com
145: www.myspace.com
146: www.myway.com
147: www.newgrounds.com
148: www.nextpimp.com
149: www.nicekicks.com
150: www.nigga.com
151: www.niggaspace.com
152: www.nike.com
153: www.niketown.com
154: www.nycdashes.com
155: www.ohhla.com
156: www.onlykeshia.com
157: www.paxed.com
158: www.peekvid.com
159: www.phproxy.com
160: www.pickyourshoes.com
161: www.pimper.com
162: www.pimper.org
163: www.playstation.com
164: www.porsch.com
165: www.poxy.com
166: www.productopinionpanel.co
167: www.proxy-pro.com
168: www.proxyserver.com
169: www.psfights.com
170: www.psp.com
171: www.psp.connect.com
172: www.rapnewsdirect.com
173: www.residentevil.com
174: www.rhymetime.com
175: www.rhymetyme.com
176: www.rocafella.com
177: www.rockafella.com
178: www.rockafeller.com
179: www.rotten.com
180: www.schoolbypass.com
181: www.sconex.com
182: www.selectkicks.com
183: www.shoe22.com
184: www.showmedakicks.com
185: www.snoopblock.com
186: www.soleredemption.com
187: www.sony.com
188: www.soundclick.com
189: www.stickofdeath.com
190: www.stomptheyard.com
191: www.streetkings.com
192: www.tagged.com
193: www.thatvideosite.com
194: www.the-cloak.com
195: www.thefreecountry.com
196: www.toolforyou.net
197: www.u-mad.com
198: www.unblock1.com
199: www.unblockme.com
200: www.unblockme.net
201: www.unblockweb.com
202: www.unblockweb.net
203: www.uptempo.com
204: www.vintagekicks.com
205: www.w3.org
206: www.websneak.net
207: www.welivetogother.com
208: www.whatspoppin.net
209: www.whitefyre.com
210: www.worldwant.com
211: www.wwe.com
212: www.xsent.com
213: www.youngmillions.com
214: www.youtube.com
Custom List: Forbidden Keywords
num keywords 66
1: 357
2: 50%20cent
3: adam4adam
4: adult
5: air%20jordan
6: astrology
7: bear%20share
8: bebo.com
9: chat
10: cunt
11: dipset
12: fat%20joe
13: fatass
14: fuck
15: g-unit
16: games
17: hidebehind
18: hidebehind.com
19: hip%20hop
20: hiphop
21: imesh
22: imesh%205
23: j-lo
24: jennifer%20lope
25: jim%20jones
26: jlo
27: juelz
28: killacam
29: lightproxy
30: lil%20kim
31: limewire
32: magnum
33: man%20to%20man
34: mase
35: mature
36: messenger
37: music%20video
38: myspace.com
39: naked
40: phone cases
41: phone covers
42: playboy
43: playstation
44: porn
45: pornography
46: proxy-pro
47: psp
48: pussy
49: ringtones
50: rocafella
51: sconex
52: sex
53: sexy
54: shit
55: sneaker
56: tickle
57: unblock
58: unblockme
59: uptempo
60: video
61: welivetogother
62: winmx
63: xxx
64: yo%20mama
65: yo%20mamma
66: yo%20momma
TOD always-on: 0
from 09:00 to 18:00
from Mon to Fri
Consent Page
aup.showPolicyPage: 0
aup.activityTimeout: 0
aup.policyURLAdults:
aup.policyURLKids:
aup.acceptedURL:
aup.acceptedWithFilterURL:
filtered IP addresses:
64.72.125.239
CFS Filter
Blocked Categories:
1, 3, 4, 5, 6, 7, 8, 9, 10, 11
12, 13, 28, 34, 42, 47, 48, 50, 51
Server Address =
Block On Fail = 1
Failed Timeout = 10
Block Blocked Sites = 1
Log Blocked Sites = 1
URL Cache Size = 3072 KB
mode1 = 1
Timeout1 = 0
Timeout2 = 0
mode2 = 0
mode4 = 3
Server Ready = 0
Server Status Code = 0
Allocated cache: 3120024 bytes
Subscription Expires On 10/01/2004
N2H2 Content Filter
Server Address =
Listen Port = 4005
Replay Port = 4005
User Name:
Block On Fail = 1
Failed Timeout = 5
Block Blocked Sites = 1
Log Blocked Sites = 0
URL Cache Size = 50 KB
Server Ready = 0
Server Status Code = 0
Websense Enterprise Content Filter
Server Address =
Server Port = 15868
User Name:
Block On Fail = 1
Failed Timeout = 5
URL Cache Size = 50 KB
Server Ready = 0
licenseCount = 0
Server Status Code = 0
Email Filtering
E-Mail Filtering Service is DISABLED
Mail Attachment Filtering Alert Service is enabled
MAFiA Timestamp = UTC 10/01/2004 14:00:00.000
File List:
num forbidden files 0
Subject List:
num forbidden files 0
Forbidden Attachment Option: Disable forbidden file by altering the file extension
Warning Message Text: The attachment to your E-mail has been disabled by the SonicWALL Virus Filter. See your network administrator for details.
Logging
smtpServerName = ''
Log email:
Alert email:
Firewall Name: 0006B1059EC8
logEmailFreq: only when full
Day Of Week Sun, Time Of Day 0
Auxillary Syslog Servers(Address:Port)
Syslog Format: Default
Syslog Individual Event Rate: 60
Rate Limiting:
Event Limiting: Disabled, Threshold: 50 events/second
Syslog Output Limiting: Disabled, Threshold: 10000 bytes/second
Log Mask:
System Maintenance: 1
Attacks: 1
System Errors: 1
Dropped TCP: 1
Blocked Web Sites: 1
Dropped UDP: 1
Blocked Java etc: 1
Dropped ICMP: 1
User Activity: 1
Network Debug: 0
VPN TCP Stats: 0
Denied LAN IP: 0
Alert Mask:
Attacks: 1
System Errors: 1
Blocked Web Sites: 0
VPN Tunnel Status: 0
collectReportData = 0
ViewPoint: Upgraded
Message Queue Statistics:
Max Queue Size: 38
Queue Overflows: 0
PPPOE Client
Enabled
Connected
Obtain an IP Address automatically
Static IP address = 0.0.0.0
User Name: vze75ckc
Password: <Password exists>
Inactivity Timeout Disabled
Inactivity Time 10 minutes
PPPoE Globals
state ipcp lcp idleTime lostEcho
SESSION 1 1 3425946675 0
L2TP Client
Disabled
Disconnected
Obtain an IP address using DHCP
L2TP Host Name
L2TP Server IP Address = 0.0.0.0
User Name:
Password: None
Traffic inactivity time out Disabled
Inactivity Time 10 minutes
L2TP Gateway Address = 0.0.0.0
L2TP SonicWALL IP Address = 0.0.0.0
L2TP DNS Server1 = 0.0.0.0
L2TP DNS Server2 = 0.0.0.0
PPTP Client
Disabled
Disconnected
Obtain an IP address using DHCP
PPTP Client Host Name
PPTP Server IP Address = 0.0.0.0
User Name:
Password: None
Traffic inactivity time out Disabled
Inactivity Time 10 minutes
PPTP Gateway Address = 0.0.0.0
PPTP SonicWALL IP Address = 0.0.0.0
PPTP DNS Server1 = 0.0.0.0
PPTP DNS Server2 = 0.0.0.0
DHCP Client
active=0
DHCP Server ID = 0.0.0.0
Lease Origin=0
Lease Duration=0
DNS Server1 = 0.0.0.0
DNS Server2 = 0.0.0.0
DNS Server3 = 0.0.0.0
Domain Name = ""
Host Name = ""
DHCP Server
Enable DHCP = 0
Allow DHCP Pass Through = 0
Pool Entry 0
Flags = DYNAMIC PROPAGATE_DNS_SETTINGS
Lease Period = 1440 minutes
Range Start = 192.168.51.2
Range End = 192.168.51.254
Interface = LAN
Default Gateway = 192.168.51.1
Subnet Mask = 255.255.255.0
Domain Name = (null)
DNS Servers = 68.237.161.12 71.243.0.12
WINS Servers =
Current leases: 0
Available Dynamic: 0
Available Static: 0
Total: 0
IPSec
vpnFeaturesOn 1
IPSec enabled on
firewall identifier: 'wscnyc'
VPN Netbios disabled
Fragmented Packet Handling disabled
Ignore DF (Don't Fragment) Bit enabled
Clean up Active tunnels when Peer Gw DNS name resolves to a different IP Address: enabled
Nat traversal enabled
IKE Dead-Peer-Detection(DPD) enabled, Interval 60, Threshold 3
IKE Keep Alive interval (seconds) 240
VPN Single Armed mode disabled
Override default VPN tunnel for mgmt traffic disabled
Bandwidth Management VPN: enabled: 0, guaranteed 0.000, max 0.000, priority 0
Send VPN tunnel traps only when tunnel status changes disabled
SA limit, including Group SA: 11
--- SA 1 ---
name "GroupVPN", enabled,
Phase 1 Exchange: Aggressive Mode
Phase 1: DHGroupID 2, Encrypt/Auth - 3DES SHA1
Phase 2: DHGroupID 1, Encrypt/Auth - ESP 3DES HMAC SHA1
Key Exchange: IKE with Preshared secret
VPN Terminated at: LAN
xauth on, netbios off, PFS off
ApplyNatAndRules off, ForwardPacketsToRemoteVPNs
KeepAlive off (Try-all off), CentralDhcpTunnel off
IKE SA Life time (secs) = 28800
Ipsec SA Life time (secs) = 28800
Authentication of local users off, Authentication of remote users off
gw 0.0.0.0
secondary gw 0.0.0.0
Default LAN gateway 0.0.0.0
Pre-shared Key len 16, val=D5993A05EA6368FB
GroupVPN Client Settings:
User Name and Password Caching:
XAUTH User Authentication is Required
Cache XAUTH User Name and Password on Client: Never
Client Connections:
Virtual Adapter Settings: None
Allow Connections to Split Tunnels
Set Default Route as this Gateway is Not Selected
Personal Firewall on Client Machine is Not Required
Client Initial Provisioning:
Use Default Key for Simple Client Provisioning is Not Selected
IPSec Memory Usage:
Max SAs: 11
Master policy db, main array: 1232 bytes
Master policy db, SA names: 1 8 bytes
Master policy db, gw names: 0 0 bytes
Master policy db, crypto keys: 1 16 bytes
Master policy db, auth keys: 0 0 bytes
Master policy db, ph1 xforms: 1 4 bytes
Master policy db, ph2 xforms: 1 5 bytes
Master policy db, dest nets: 0 0 bytes
Master policy db, certs: 0 0 bytes
Master policy db, total: 1265 bytes
Total SAs: 1
Total IKE SAs: 1
IKE policy db, IKEInfos: 0 0 bytes
IKE policy db, IPSECPREFs: 0 0 bytes
IKE phase 1 Prefs, basic: 0 0 bytes
IKE phase 1 Prefs, transforms: 0 0 bytes
IKE phase 1 Prefs, rem ids: 0 0 bytes
IKE phase 1 Prefs, certs: 0 0 bytes
IKE phase 1 Prefs, total: 0 bytes
L2TP Server
Disabled
L2TP Keep alive time (secs) 60
DNS Server 1 = 0.0.0.0
DNS Server 2 = 0.0.0.0
WINS Server 1 = 0.0.0.0
WINS Server 2 = 0.0.0.0
Use the Local L2TP IP pool
Start IP = 0.0.0.0
End IP = 0.0.0.0
PKI:
admin certificate unactive
Admin CRL Download Scheduled = -1
User CRL Download Scheduled = -1
Admin CRL number downloaded = 0
User CRL number downloaded = 0
Third Party Certificates:
CA Certificates number imported = 0
Local Certificates number imported = 0
Certificate Signing Requests number pending = 0
RADIUS
retry count: 3, server timeout: 5
---server 1---
IPort Number = 1812
IP Address/name = 0.0.0.0
Shared Secret =
---server 2---
IPort Number = 1812
IP Address/name = 0.0.0.0
Shared Secret =
Global RADIUS user privs: Bypass-Filter=0, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
Anti-Virus
Upgrade Status: Upgrade Required
avEnable = Disabled
avReduceTraffic = Disabled
downloadUrl =
avEncryptKey = 2c18b3bb462b77769784954819
daysToForceUpdate = 5
lowRiskAlert = Off
mediumRiskAlert = On
highRiskAlert = On
avLicenseCount = 0
avExpire = UTC 10/01/2004 00:00:00.000
avLowRiskAlertTimestamp = UTC 06/06/2001 04:14:00.000
avMediumRiskAlertTimestamp
avHighRiskAlertTimestamp = UTC 08/17/2005 00:49:06.000
policeOPT = Off
Disable policing from LAN to OPT = Off
Range Mode = Police All
Global security client Info:
policyGSCversion = 0
policyID = 636363636363636301cd8feb75
gscDownloadUrl = https://policymanager.soni
listSize = 1100
licenseCount = 1000
numActiveClients = 0
IP addr UP to date Last Replied First Ping Policy Version Num Pings
--------------- ----------------- -------------- -------------- --------------- ---------
--------------------------
IDP is NOT Activated
IDP is NOT Enabled
IDP Reassembly is NOT Enabled
Signature database is NOT present
Signature database download is NOT in-progress
SchedulerId is 0
Last time we received a valid signature database we successfully loaded 0 signatures
DPIDisabled (configured) is 0
DPIDisabled (running) is 0
running signature timestamp = UTC 01/00/1900 00:00:00.000
timestamp last checked = 01/23/2007 15:56:42.768
latest available signature timestamp = UTC 01/00/1900 00:00:00.000
last successful downloaded db signature timestamp = UTC 01/00/1900 00:00:00.000
compressed signature image size = 0 bytes
P2P signatures are NOT present
IM signatures are NOT present
Global Detect All High Priority = 0
Global Detect All Medium Priority = 0
Global Detect All Low Priority = 0
Global Prevent All High Priority = 0
Global Prevent All Medium Priority = 0
Global Prevent All Low Priority = 0
Global High Priority Redundancy Timer = 0 seconds
Global Medium Priority Redundancy Timer = 0 seconds
Global Low Priority Redundancy Timer = 60 seconds
64 byte buffer count = 1000 free
576 byte buffer count = 1000 free
1500 byte buffer count = 1000 free
packet buffer count = 3000 free
Gateway Anti-Virus is NOT Activated
Gateway Anti-Virus is NOT Enabled
SMTP Inbound is Enabled
SMTP Outbound is NOT Enabled
HTTP is Enabled
POP3 is Enabled
IMAP is Enabled
FTP is Enabled
TCP Stream is NOT Enabled
Suppress SMTP Responses is NOT Enabled
Send Client Alert is NOT Enabled
Restrict password-protected zip files is NOT Enabled
Restrict MS-Office macro files is NOT Enabled
Restrict packed executable files is Enabled
Disable Eicar test virus detection is Enabled
Disable POP3 Auto Deletion is NOT Enabled
Disable POP3 UIDL rewriting is NOT Enabled
Enable Byte-Range HTTP requests is NOT Enabled
Enable 'REST' FTP client requests is NOT Enabled
Expiration Date = UTC 10/01/2004 00:00:00.000
running signature timestamp = UTC 01/00/1900 00:00:00.000
latest available signature timestamp = UTC 01/00/1900 00:00:00.000
Anti-Spyware is NOT Activated
Anti-Spyware is NOT Enabled
SMTP Inbound is Enabled
HTTP is Enabled
POP3 is Enabled
IMAP is Enabled
FTP is Enabled
Outbound Spyware Scanning is Enabled
Suppress SMTP Responses is NOT Enabled
Send Client Alert is NOT Enabled
Expiration Date = UTC 10/01/2004 00:00:00.000
running signature timestamp = UTC 01/00/1900 00:00:00.000
latest available signature timestamp = UTC 01/00/1900 00:00:00.000
Global Detect All High Priority = 0
Global Detect All Medium Priority = 0
Global Detect All Low Priority = 0
Global Prevent All High Priority = 0
Global Prevent All Medium Priority = 0
Global Prevent All Low Priority = 0
Global High Priority Redundancy Timer = 0 seconds
Global Medium Priority Redundancy Timer = 0 seconds
Global Low Priority Redundancy Timer = 0 seconds
License info
LicenseNumberIps: Unlimited
fwinfoDomain is: licensemanager.sonicwall.c
LicenseNumberVPNclients 1
GSC Policy Version: 0
Time
Time Zone: "Eastern Time (US & Canada) (GMT-5:00)"
Use International time format: 0
Use DST: 1
Use UTC in log: 0
Use NTP: 1
NTP update interval: 60 minutes
Custom NTP Server List:
Current NTP server tick.mit.edu
Flash Prefs Load/Save Statistics
calls made since startup: 5
smallest mem block during a save: 24922704 at time: 01/23/2007 10:56:57.176
current ASCII prefs file size: 76326
current compressed prefs file size: 24867
prefs were read at startup: Successfully
Flash Prefs Mirror State
Mirror Image A Active
Pref Pointer points to Block A
Max available pref size per Mirror: 5.500 Mbyte
DHCP over VPN
DHCP Relay Enabled : 0
Remote Gateway : 0
Central Gateway : 1
Relay IP Address : 0.0.0.0
DHCP Mgmt IP Address : 0.0.0.0
Peer Network Address : 0.0.0.0
Peer Subnet Mask : 0.0.0.0
Using IP Helper : 0
Doing IP Spoof Detect : 1
Serve Temp Lease : 0
Temp Lease Time : 120 (seconds)
GroupVPN Relay Addr : 0.0.0.0
Use Internal DHCP Server : No
For Global VPN Client : No
For Remote Firewall : No
Static IP Addresses on LAN:
Excluded Devices on LAN:
DHCP Server List:
Status:
Dynamic DNS
lineMode: 1
Number of DDNSS entries: 0
Memory Partition Statistics
status bytes blocks avg block max block
------ --------- -------- ---------- ----------
current
free 25001056 18 - 24922720
alloc 32313184 3459 - -
--Cache check----------
Cache current: 88, high water 202, added 190504, deleted 190416
ConnNode errors: 0, Hash List errors: 0, ConnNode cleanup errors: 0
buffer bounds check (buffer from 0x83697df8 to 0x836bbdf8)
checking freeBufferList (6056 elem)
checking unmappedList (0 elem)
checking connectionTable
checking freeNodeList (6056 elem)
total bounding errors: 0, connection table errors 0, nat table errors 0, conn node errors 0
--Cache check complete---------
32604: 'tNetTask' '../../..' 761
477: 'tNetTask' '../../..' 380
System Timer Name is tTimerTask running at priority 50 with stack size 32768 bytes
System Timer Semaphore Id is 0x83973eb0
System Timer Expiration Maximum is 128 per execute
System Timer 60 ticks per second
System Timer current slot is 23682
System Timer used 13 of total 314
System Timer used high-water 15
System Timer ExecuteCount 154754, UpdateCount 154754
--------------------------
id: 'name'(taskPriority, flags) @(slot, count) function(param)
--------------------------
0x83ade5d8: 'cachTi'( 0, 0x1100) @(23682, 0) 0x800bb3e8(0)
0x83ade5f8: 'synflo'( 0, 0x1100) @(23682, 0) 0x80053be4(0)
0x83ade618: 'tIkeRe'( 50, 0x1100) @(23684, 0) 0x80166a04(2153442016)
0x83ade638: 'enetMo'( 0, 0x1100) @(23684, 0) 0x8023ddc8(0)
0x83ade658: 'usrTim'( 0, 0x1100) @(23696, 0) 0x80343590(0)
0x83ade678: 'NatTra'( 0, 0x1100) @(23702, 0) 0x801672cc(0)
0x83ade698: 'licens'( 0, 0x1100) @(23732, 0) 0x803454f0(0)
0x83ade6b8: 'LdapLi'( 0, 0x1100) @(23732, 0) 0x802d7e38(0)
0x83ade6d8: 'IKETun'( 0, 0x1100) @(23732, 0) 0x8016721c(0)
0x83ade6f8: 'arpAge'( 0, 0x1100) @(23732, 0) 0x80240310(0)
0x83ade718: 'IKEKee'( 0, 0x1100) @(23732, 0) 0x80167154(0)
0x83ade738: 'vpnTim'( 0, 0x1100) @(23732, 0) 0x801539a4(0)
0x83ade758: 'fwUpda'( 0, 0x1100) @( 8244, 2) 0x8034c654(0)
--------------------------
start fdr dump
end fdr dump
Stateful statistics by protocol:
Protocol Overwrites Max Overwrite ID Errors Decode Errors
-------- ---------- ------------- --------- -------------
FTP 0 0 0 0
TFTP 0 0 0 0
NetBios 0 0 0 0
RealAudio 0 0 0 0
PPTP 0 0 0 0
HTTP 0 0 0 0
SMTP 0 0 0 0
POP3 0 0 0 0
News 0 0 0 0
Oracle 0 0 0 0
SIP 0 0 0 0
MSN 0 0 0 0
H.323 0 0 0 0
QuickTime 0 0 0 0
Invalid TCP packets before handshake: 28
------------------------in
Active Internet connections (including servers)
PCB Proto Recv-Q Send-Q Local Address Foreign Address (state)
-------- ----- ------ ------ ------------------ ------------------ -------
83ef9148 TCP 0 5011 192.168.51.1.80 192.168.51.236.1258 ESTABLISHED
83ef9250 TCP 0 0 192.168.51.1.80 192.168.51.236.1257 TIME_WAIT
83ef9040 TCP 0 0 0.0.0.0.443 0.0.0.0.0 LISTEN
83ef8fbc TCP 0 0 0.0.0.0.80 0.0.0.0.0 LISTEN
83ef8eb4 UDP 0 0 0.0.0.0.67 0.0.0.0.0
83ef8e30 UDP 0 0 0.0.0.0.500 0.0.0.0.0
83ef8908 UDP 0 0 0.0.0.0.161 0.0.0.0.0
------------------------St
type number
--------- ------
FREE : 1537
DATA : 61
HEADER : 2
SOCKET : 0
PCB : 0
RTABLE : 0
HTABLE : 0
ATABLE : 0
SONAME : 0
ZOMBIE : 0
SOOPTS : 0
FTABLE : 0
RIGHTS : 0
IFADDR : 0
CONTROL : 0
OOBDATA : 0
IPMOPTS : 0
IPMADDR : 0
IFMADDR : 0
MRTABLE : 0
TOTAL : 1600
number of mbufs: 1600
number of times failed to find space: 0
number of times waited for space: 0
number of times drained protocols for space: 0
__________________
CLUSTER POOL TABLE
__________________________
size clusters free usage
--------------------------
64 512 484 91019
128 512 478 57356
256 512 506 3196
512 256 256 3713
1024 200 200 2106
2048 100 100 6552
--------------------------
------------------------St
type number
--------- ------
FREE : 471
DATA : 0
HEADER : 0
SOCKET : 7
PCB : 11
RTABLE : 14
HTABLE : 0
ATABLE : 0
SONAME : 0
ZOMBIE : 0
SOOPTS : 0
FTABLE : 0
RIGHTS : 0
IFADDR : 8
CONTROL : 0
OOBDATA : 0
IPMOPTS : 0
IPMADDR : 1
IFMADDR : 0
MRTABLE : 0
TOTAL : 512
number of mbufs: 512
number of times failed to find space: 0
number of times waited for space: 0
number of times drained protocols for space: 0
__________________
CLUSTER POOL TABLE
__________________________
size clusters free usage
--------------------------
64 64 56 32
128 64 45 3054
256 64 57 2926
512 64 57 3042
--------------------------
------------------------SW
__________________
CLUSTER POOL TABLE
__________________________
size clusters free usage
--------------------------
2048 1720 968 2035193
--------------------------
DHCP bindings
--------------------------
IP Address Type Status H/W Address Expire time
--------------------------
--------------------------
Static ARP Entries: No Entries
ARP Cache entry timeout: 20 minutes
ARP Cache
----------------------ARP TABLE---------------------
entries=22 lookups=57950 fails=1440 hits=56501 misses=9 hitRate=99 percent
--------------------------
192.168.51.143 <-> 00:03:47:77:50:FF (LAN) expires in 20 mins
192.168.51.125 <-> 00:03:47:77:50:F9 (LAN) expires in 20 mins
192.168.51.97 <-> 00:03:47:CE:41:CA (LAN) expires in 9 mins
192.168.51.93 <-> 00:03:47:CE:3F:B1 (LAN) expires in 20 mins
68.161.61.188 <-> 00:06:B1:05:9E:CA (WAN) is permanent published
68.161.61.188 <-> 00:06:B1:05:9E:C9 (OPT) is permanent published
192.168.51.23 <-> 00:02:B3:2E:80:BD (LAN) expires in 20 mins
192.168.51.104 <-> 00:11:43:1D:36:9D (LAN) expires in 20 mins
192.168.51.122 <-> 00:11:43:1D:0A:D3 (LAN) expires in 20 mins
192.168.51.86 <-> 00:A0:CC:33:E5:D2 (LAN) expires in 20 mins
192.168.51.83 <-> 00:03:47:CE:3F:8B (LAN) expires in 20 mins
192.168.51.62 <-> 00:14:A5:41:C6:4E (LAN) expires in 19 mins
192.168.51.65 <-> 00:90:4B:2E:8C:26 (LAN) expires in 6 mins
192.168.51.66 <-> 00:11:43:1D:38:2B (LAN) expires in 19 mins
192.168.51.89 <-> 00:0E:35:3F:F5:80 (LAN) expires in 17 mins
192.168.51.236 <-> 00:03:47:BE:5B:E4 (LAN) expires in 20 mins
192.168.51.96 <-> 00:A0:CC:58:DB:12 (LAN) expires in 0 mins
192.168.51.70 <-> 00:90:96:AE:4A:10 (LAN) expires in 20 mins
192.168.51.81 <-> 00:90:4B:2F:81:1A (LAN) expires in 16 mins
192.168.51.77 <-> 00:B0:D0:B6:F8:E1 (LAN) expires in 10 mins
192.168.51.82 <-> 00:12:3F:F9:2F:19 (LAN) expires in 19 mins
192.168.51.1 <-> 00:06:B1:05:9E:C8 (LAN) is permanent published
--------------------------
---------------------NAT Policy Table--------------------
| Orig Src | Orig Dst | Orig Svc |
--------------------------
| Trans Src | Trans Dst | Trans Svc |
--------------------------
-Index: 0-Usage: 0-Priority: ff0201fa------------------
| 192.168.51.0 | 68.161.61.188 | 17 500 |
| 255.255.255.0 | | |
--------------------------
| 68.161.61.188 | 192.168.51.1 | Orig |
--------------------------
-Index: 1-Usage: 0-Priority: ff0201fa------------------
| 192.168.51.0 | 68.161.61.188 | 6 443 |
| 255.255.255.0 | | |
--------------------------
| 68.161.61.188 | 192.168.51.1 | Orig |
--------------------------
-Index: 2-Usage: 1-Priority: ff0201fa------------------
| 192.168.51.0 | 68.161.61.188 | 6 80 |
| 255.255.255.0 | | |
--------------------------
| 68.161.61.188 | 192.168.51.1 | Orig |
--------------------------
-Index: 3-Usage: 0-Priority: 8000fffe------------------
| Any | 68.161.61.188 | 17 500 |
--------------------------
| Orig | 192.168.51.1 | Orig |
--------------------------
-Index: 4-Usage: 0-Priority: 8000fffe------------------
| Any | 68.161.61.188 | 6 443 |
--------------------------
| Orig | 192.168.51.1 | Orig |
--------------------------
-Index: 5-Usage: 0-Priority: 8000fffe------------------
| Any | 68.161.61.188 | 6 80 |
--------------------------
| Orig | 192.168.51.23 | Orig |
--------------------------
-Index: 6-Usage: 4-Priority: 8000fffe------------------
| Any | 68.161.61.188 | 6 5631 |
| | | 17 5632 |
--------------------------
| Orig | 192.168.51.23 | Orig |
--------------------------
-Index: 7-Usage: 0-Priority: 8000fffe------------------
| Any | 68.161.61.188 | 6 3389 |
| | | 17 3389 |
--------------------------
| Orig | 192.168.51.23 | Orig |
--------------------------
-Index: 8-Usage: 0-Priority: 3f03fa09------------------
| 192.168.51.0 | 192.168.51.0 | Any |
| 255.255.255.0 | 255.255.255.0 | |
--------------------------
| Orig | Orig | Orig |
--------------------------
-Index: 9-Usage: 22180-Priority: 7f03--------------------
| 192.168.51.0 | Any | Any |
| 255.255.255.0 | | |
--------------------------
| 68.161.61.188 | Orig | Orig |
--------------------------
-Index: 10-Usage: 84723-Priority: 0----------------------
| Any | Any | Any |
--------------------------
| Orig | Orig | Orig |
--------------------------
Memory Zone Report
Memory Zones used 15 of total 32
Zone Total Alloc'ed Free High ElemSize Fail EstInit EstIncr Overhead%
buf-16 10921 651 10270 763 16 0 10240 2048 33 (V1)
buf-32 818 522 296 533 32 0 1024 256 20 (V1)
buf-64 454 51 403 72 64 0 512 128 11 (V1)
buf-128 240 79 161 398 128 0 256 128 6 (V1)
buf-256 248 97 151 109 256 0 256 128 3 (V1)
buf-512 62 18 44 20 512 0 64 64 3 (V1)
buf-1056 61 27 34 31 1056 0 64 32 1 (V1)
buf-2080 62 19 43 22 2080 0 64 64 1 (V1)
buf-4128 31 8 23 10 4128 0 32 16 2 (V1)
buf-8224 31 11 20 14 8224 0 32 16 2 (V1)
buf-16416 22 14 8 16 16416 0 16 8 8 (V1)
buf-32800 15 8 7 9 32800 0 16 16 6 (V1)
share-16 1636 76 1560 80 16 0 256 256 20 (V2)
share-24 1169 91 1078 95 24 0 256 256 14 (V2)
share-40 744 0 744 0 40 0 256 256 9 (V2)
ChunkSize AllocFail TotalAlloc TotalDeall CurAlloc CurBytes CurCache fromCache toCache
32768 0 9 2 7 229376 1 1 2
65536 0 2 0 2 131072 0 0 0
131072 0 3 0 3 393216 0 0 0
262144 0 3 0 3 786432 0 0 0
524288 0 1 0 1 524288 0 0 0
1048576 0 0 0 0 0 0 0 0
Total Currently Malloc'ed of all chunks: 2064384 bytes
Total Currently Available of all chunks in cache: 32768 bytes
MemoryZone alloc: invalid zone 0, invalid zone flags 0
MemoryZone free: invalid zone magic 0, invalid zone flags 0
MemoryZone free: null argument 0, invalid header 0, element already freed 0
MemoryZones: total created 15, total removed 0
Buffer Memory Zone Report
Zero-Size Allocation Request Count: 0
Non-Buffer-MemoryZone Use: Allocation Count 63, Deallocation Count 23, Current Balance 40
Non-Buffer-MemoryZone Allocation Size: min 40000, max 7000000
Non-Buffer-MemoryZone Allocation Failure Count: 0
Non-Tagged Deallocation Count: 0
End of TSR
I guess that you have probably misconfigured network mask:
WAN/NAT public IP = 68.161.61.188
WAN Subnet Mask = 255.255.255.0
do you see any other 68.161.61.x IP address (can ping)?
But I belive you, that you have the only IP address. I guess you cannot 'publish' separate service from LAN to WAN in this case. I tried all the configuration possibilities and tried to assign public TZ170 IP to internal IP with no luck. With separate IP it's possible (create 1-1 NAT then create rule that limits access to only 1 service).
ill look again this morning, and d-check with verizon and the other ntwk guy about the ip's, but i beleive its a basic verizon biz dsl, with ppoe, and the sonic is set to nat/ppoe client. ill call verizon this morning.
but i have a tz170 right here in my own lab, and i have web access working perfectly.... simple rule to route http port 80 to the private ip of my server /email server....
m
Business Accounts
Answer for Membership
by: NopiusPosted on 2007-01-24 at 20:27:05ID: 18393098
I see no diagnostics report. In TZ170 there is an 'opt' port specially designed for organizing 'DMZ'. Your web server is a good candidate to be placed to DMZ. How many external IP addresses do you have?
If >1, then you may place your webserver to OPT and assign it external IP address. If you have only 1 internet IP address, I don't know how to do port forwarding for just 1 port.