granite03
asked on
Configuring a SonicWALL Global VPN Client
Hi,
I'm trying to enable a SonicWALL Global VPN Client (v3.1.0.556) attaching to a TZ170 firewall. When I attach to the firewall via the client over the internet, the TZ170 is assigning an IP of 223.1.1.128 to the virtual adapter, which I believe is the default VPN Global Client IP address. So, consequently, I can't do anything on the remote network (which is 192.168.0.x/24).
The DHCP server runs on the TZ170, but the "DHCP over VPN" section is not showing any active leases at all.
Any ideas? I know this is probably an easy one, but I'm fresh out!
Alan
I'm trying to enable a SonicWALL Global VPN Client (v3.1.0.556) attaching to a TZ170 firewall. When I attach to the firewall via the client over the internet, the TZ170 is assigning an IP of 223.1.1.128 to the virtual adapter, which I believe is the default VPN Global Client IP address. So, consequently, I can't do anything on the remote network (which is 192.168.0.x/24).
The DHCP server runs on the TZ170, but the "DHCP over VPN" section is not showing any active leases at all.
Any ideas? I know this is probably an easy one, but I'm fresh out!
Alan
ASKER
Thanks for your post. Unfortunately, it's still not working.
The firmware version is SonicOS Standard 3.1.0.7-77s. I'm guessing that's not Enhanced firmware.
Their is no option to put local users into any trusted user group, which I assume is down to the firmware.
I can't specifically find any way to grant the local user access to the LAN subnet, and maybe that's an issue... The options to grant Access to VPNs, Access to VPNs with XAUTH and Access to L2TP VPN Client are all enabled for the User I have created...
(help!)
The firmware version is SonicOS Standard 3.1.0.7-77s. I'm guessing that's not Enhanced firmware.
Their is no option to put local users into any trusted user group, which I assume is down to the firmware.
I can't specifically find any way to grant the local user access to the LAN subnet, and maybe that's an issue... The options to grant Access to VPNs, Access to VPNs with XAUTH and Access to L2TP VPN Client are all enabled for the User I have created...
(help!)
What errors are you getting in the sonicwall logs? What errors are you getting from the client software. Are you getting a IP address from the lan? Are you using a windows server and the sonicwall as a dhcp server? Can only use one or the other.
local user > Access to VPNs
> Access from VPN client with XAUTH > check both
> uncheck L2TP VPN
on the Users > Local Users > should show user has vpn access and client vpn access
On the VPN > DHCP over VPN page the central gateway what boxes do you have checked?
On the vpn settings page > advanced check Require Authentication of VPN Clients via XAUTH and VPN Terminated at: LAN
On the client page Virtual Adapter settings: dhcp lease
Cache XAUTH User Name and Password on Client: single session
Allow Connections to: adjust the three setting and test
On general page IPSec Keying Mode: ike using preshared key
If it does not work go to the System > Diagnostics check all 4 boxes download tsr and post here.
local user > Access to VPNs
> Access from VPN client with XAUTH > check both
> uncheck L2TP VPN
on the Users > Local Users > should show user has vpn access and client vpn access
On the VPN > DHCP over VPN page the central gateway what boxes do you have checked?
On the vpn settings page > advanced check Require Authentication of VPN Clients via XAUTH and VPN Terminated at: LAN
On the client page Virtual Adapter settings: dhcp lease
Cache XAUTH User Name and Password on Client: single session
Allow Connections to: adjust the three setting and test
On general page IPSec Keying Mode: ike using preshared key
If it does not work go to the System > Diagnostics check all 4 boxes download tsr and post here.
ASKER
What errors are you getting in the sonicwall logs? - NONE RELEVANT
What errors are you getting from the client software. - NONE
Are you getting a IP address from the lan? - NO, SHOULD BE IN SONICWALL DHCP RANGE 192.168.0.100-150/24
Are you using a windows server and the sonicwall as a dhcp server? NO - SONICWALL ONLY. Can only use one or the other.
local user > Access to VPNs - TICKED
> Access from VPN client with XAUTH > check both - TICKED
> uncheck L2TP VPN - DONE
on the Users > Local Users > should show user has vpn access and client vpn access - YES
On the VPN > DHCP over VPN page the central gateway what boxes do you have checked? - CENTRAL GATEWAY, USE INTERNAL DHCP, FOR GLOBAL VPN CLIENT
On the vpn settings page > advanced check Require Authentication of VPN Clients via XAUTH and VPN Terminated at: LAN - DONE
On the client page Virtual Adapter settings: dhcp lease - DONE
Cache XAUTH User Name and Password on Client: single session - DONE
Allow Connections to: adjust the three setting and test - TRIED ALL THREE
On general page IPSec Keying Mode: ike using preshared key - IKE USING PRESHARED SECRET
NO JOY
If it does not work go to the System > Diagnostics check all 4 boxes download tsr and post here.
OK, POSTED BELOW. PLEASE FORGIVE CAPS, THANKS FOR YOUR TIME!
Status
Serial number 0006-B12D-72C8
Registration code: 2MJL4NQX
Product Code: 511; Base Product Code: 511
Board ID: 0x2
11/16/2006 14:46:39.640
SonicWALL has been up: 55 Days, 1 Hour, 43 Minutes, 25 Seconds
Firmware version: SonicOS Standard 3.1.0.7-77s
No debug symbols in firmware
restartRequired: False
Revision: 3.1.0.7-77s
ROM version 3.1.0.2
Previous firmware version: none
min firmware for this hardware: SonicOS Standard 3.1.0.7 Standard
max firmware for this hardware: 0.0.0.0
vers check err: 0
Crypto level: domestic
VPN Hardware Accelerator Detected
Processor= "SonicWALL Security Processor"
Model= TZ 170 Standard
Resource language: eng
RAM size: 64 M
Flash size: 8 M
Flash type: TC58FVM6T2A
Configured interface settings:
WAN: Auto Negotiate
LAN: Auto Negotiate
OPT: Auto Negotiate
Active interface settings:
WAN: 100 Mbps, Full Duplex
LAN: 100 Mbps, Full Duplex
OPT: No connection detected
CPU Monitor
CPU Monitor:
Current 1s CPU Utilization: 3.33%
Current 10s CPU Utilization: 9.50%
Total Average CPU Utilization: 1.35%
CPU Utilization Per Process:
# Name PC PRI Total% (secs) Curr% (secs)
--- ----------------- ---------- --- ------------- -------------
1. tNetTask 0x8035a320 50 0.50 (23627.92) 3.33 (0.03)
2. tTimerTask 0x8035a320 50 0.83 (39690.38) 0.00 (0.00)
3. tMainLogTask 0x803e41a0 50 0.01 (329.02) 0.00 (0.00)
4. tWebMain 0x8020436c 50 0.01 (305.20) 0.00 (0.00)
5. tDEACheckDEAServer 0x803c0f64 104 0.01 (280.75) 0.00 (0.00)
6. tIkeUdpTask 0x8035a320 50 0.00 (15.17) 0.00 (0.00)
7. tAlertLed 0x8035a320 40 0.00 (8.02) 0.00 (0.00)
8. tDHCP 0x8035a320 100 0.00 (6.00) 0.00 (0.00)
9. tMyArpTask 0x803e41a0 45 0.00 (4.97) 0.00 (0.00)
10. tNtp 0x803c0f64 254 0.00 (1.83) 0.00 (0.00)
11. tWdTask 0x803c0f64 8 0.00 (0.35) 0.00 (0.00)
12. tExcTask 0x803e41a0 0 0.00 (0.12) 0.00 (0.00)
13. tGSCLiveCheck 0x803c0f64 103 0.00 (0.07) 0.00 (0.00)
14. tIkeMsgTask 0x803e41a0 50 0.00 (0.05) 0.00 (0.00)
15. tDcacheUpd 0x803c0f64 250 0.00 (0.05) 0.00 (0.00)
16. tCLI 0x8035a320 10 0.00 (0.02) 0.00 (0.00)
17. tSwSnmpTrapd 0x803e41a0 50 0.00 (0.02) 0.00 (0.00)
18. tWebListenS 0x8035a320 50 0.00 (0.00) 0.00 (0.00)
19. tSysMonitor 0x803c0f64 10 0.00 (0.00) 0.00 (0.00)
20. tTmrTask 0x803c0f64 15 0.00 (0.00) 0.00 (0.00)
21. tWdRbTask 0x8035a320 8 0.00 (0.00) 0.00 (0.00)
22. tDHCPC 0x803e41a0 100 0.00 (0.00) 0.00 (0.00)
23. tDHCPrefresh 0x803e41a0 101 0.00 (0.00) 0.00 (0.00)
24. wpTtReader 0x803e41a0 8 0.00 (0.00) 0.00 (0.00)
25. tLogTask 0x803e41a0 0 0.00 (0.00) 0.00 (0.00)
26. tCRL 0x8035a320 128 0.00 (0.00) 0.00 (0.00)
27. tL2tpServerTask 0x8035a320 130 0.00 (0.00) 0.00 (0.00)
28. tSnmpd 0x8035a320 150 0.00 (0.00) 0.00 (0.00)
29. tDhcprGarbage 0x803e41a0 150 0.00 (0.00) 0.00 (0.00)
30. tRandSeedTask 0x803c0f64 200 0.00 (0.00) 0.00 (0.00)
31. tChkCable 0x803c0f64 200 0.00 (0.00) 0.00 (0.00)
32. tSnmpTmr 0x803e41a0 200 0.00 (0.00) 0.00 (0.00)
33. tTODTask 0x803c0f64 200 0.00 (0.00) 0.00 (0.00)
34. tDDNSS 0x8035a320 225 0.00 (0.00) 0.00 (0.00)
35. tResetSwitch 0x803c0f64 245 0.00 (0.00) 0.00 (0.00)
36. tMzZgc 0x803c0f64 250 0.00 (0.00) 0.00 (0.00)
37. tWebMainS 0x8035a320 50 0.00 (0.00) 0.00 (0.00)
38. tIpFragClean 0x803c0f64 55 0.00 (0.00) 0.00 (0.00)
Task Total 1.35 (64269.92) 3.33 (0.03)
Idle 98.65 (4693866.00) 96.67 (0.97)
System 0.00 (54.45) 0.00 (0.00)
CPU Utilization History for Last Minute (60 seconds ago --> now):
2,0,2,0,8,13,53,100,100,10 0,100,100, 75,25,8,15 ,28,3,5,22 ,20,7,2,0, 3,0,5,2,3, 2,3,0,5,3, 5,67,100,1 00,100,100 ,70,2,7,2, 2,0,15,5,2 ,3,20,30,5 ,0,8,2,22, 2,3,3
CPU Utilization History for Last Hour (60 minutes ago --> now):
5,2,2,2,2,2,3,2,2,7,5,5,7, 3,3,3,2,2, 0,2,2,2,2, 2,2,0,2,3, 2,2,10,2,2 ,10,3,2,0, 3,2,2,2,2, 2,2,2,3,2, 0,12,13,2, 12,2,0,2,0 ,2,2,2,23
CPU Utilization History for Last Day (24 hours ago --> now):
0,2,2,2,0,0,0,0,0,0,0,0,0, 0,0,0,0,0, 0,0,2,2,2, 3
CPU Utilization History for Last Month (30 days ago --> now):
0,0,0,0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0, 0,0,0,0,0, 0,0,0,0,0, 0,0
Process Monitor
Process List:
# Name PRI STATUS PC StackPtr Size Curr Margin TaskId
--- ----------------- --- -------- -------- -------- ----- ----- ------- -------
1. tLogTask 0 PEND 803e41a0 83fe0b08 4992 264 4672 83fe0c10
2. tExcTask 0 PEND 803e41a0 83fe3638 7984 264 7552 83fe3740
3. tWdRbTask 8 PEND 8035a320 821b0cb0 992 96 632 821b0d10
4. wpTtReader 8 PEND 803e41a0 83feaf20 3984 400 3528 83feb0b0
5. tWdTask 8 DELAY 803c0f64 821b2df0 7984 128 6776 821b2e70
6. tSysMonitor 10 DELAY 803c0f64 83973198 4080 120 3448 83973210
7. tCLI 10 PEND 8035a320 821ac8f0 19984 528 18496 821acb00
8. tTmrTask 15 DELAY 803c0f64 83686b70 29984 112 29752 83686be0
9. tAlertLed 40 PEND 8035a320 83842530 3984 128 3664 838425b0
10. tMyArpTask 45 PEND 803e41a0 83869db8 3984 344 3056 83869f10
11. tNetTask 50 READY 8035a320 83eeb840 19984 176 15912 83eeb8f0
12. tTimerTask 50 PEND 8035a320 83873a40 32752 96 31216 83873aa0
13. tMainLogTask 50 PEND 803e41a0 838460b8 10224 312 5840 838461f0
14. tIkeUdpTask 50 PEND 8035a320 83fe9c78 8176 632 2048 83fe9ef0
15. tSwSnmpTrapd 50 PEND 803e41a0 821b70a8 8176 280 7776 821b71c0
16. tIkeMsgTask 50 PEND 803e41a0 8216f930 8176 336 4000 8216fa80
17. tWebMain 50 READY 803c8950 83697060 29984 3888 17504 83697f90
18. tWebListenS 50 PEND 8035a320 836049b0 19984 368 19368 83604b20
19. tWebMainS 50 PEND 8035a320 8360c1b0 29984 192 29736 8360c270
20. tIpFragClean 55 DELAY 803c0f64 83868708 4080 136 3824 83868790
21. tDHCP 100 PEND 8035a320 835ff888 9984 600 6464 835ffae0
22. tDHCPC 100 PEND 803e41a0 8367f388 9984 264 9664 8367f490
23. tDHCPrefresh 101 PEND+T 803e41a0 835fd0d8 2496 216 2160 835fd1b0
24. tGSCLiveCheck 103 DELAY 803c0f64 820d9cd0 9984 192 8336 820d9d90
25. tDEACheckDEAServer 104 DELAY 803c0f64 820eaaa8 49968 120 43256 820eab20
26. tCRL 128 PEND 8035a320 83613408 9312 168 8776 836134b0
27. tL2tpServerTask 130 PEND 8035a320 82109ab0 19984 432 17712 82109c60
28. tDhcprGarbage 150 PEND+T 803e41a0 8210bcc0 7984 256 7672 8210bdc0
29. tSnmpd 150 PEND 8035a320 83b55648 28656 2776 25824 83b56120
30. tRandSeedTask 200 DELAY 803c0f64 838667d0 3984 112 3752 83866840
31. tSnmpTmr 200 PEND 803e41a0 83b571b0 4080 400 3624 83b57340
32. tChkCable 200 DELAY 803c0f64 83b58b18 4080 136 3744 83b58ba0
33. tTODTask 200 DELAY 803c0f64 83843730 3984 112 3704 838437a0
34. tDDNSS 225 PEND 8035a320 821aebe8 7984 120 7784 821aec60
35. tResetSwitch 245 DELAY 803c0f64 83fe5f68 4080 136 3824 83fe5ff0
36. tDcacheUpd 250 READY 803c0f64 83fefbb8 4992 152 4696 83fefc50
37. tMzZgc 250 DELAY 803c0f64 83b4d200 4080 112 3728 83b4d270
38. tNtp 254 DELAY 803c0f64 8367ca60 14992 256 11440 8367cb60
Diagnostic
PB version = 119
registered = 1
Upgrade Level = 165
Watch Dog on = 1
ARP bridge on = 1
Clear DF (Don't Fragment) bit = 0
SYN Flood Prevention = 1
SYN Flood Prevention in Watch mode = 1
Don't Restart for Watchdog Task = 0
Use Ipsec Hardware In = 1
Use Ipsec Hardware Out = 1
Trace message level: Warning
HTTP/HTTPS Management via the WAN disabled
Product
Product Code Value: 511
Language: eng
Short Model Name: TZ 170 Standard
Max SAs Allowed: 10
Max Connections: 6144
Connection Hash Size: 6143
Max Connections when using GAV/IPS: 6144
Connection Hash Size using GAV/IPS: 6143
Max Connected Users: 25
Max Local Users: 100
Max User Logins: 150
Max Firewall Rules: 100
HA Groupings: haGroupNone
VPN: UPGRADED, available
HA: NONE
Viewpoint: UPGRADED, available
One Arm Mode: UPGRADED, available
RIP Advertisement: UPGRADED, available
Web Pool Size: 1200
Max IFP Cache Size: 3072
Ethernet Loaner Buffers: 220
Max Queued Pkts: 220
Max Bwmgmt Rules: 20
Interface Names WAN/LAN/OPT
Modem Failover: No
Minimum Firmware Version: c000
Maximum Firmware Version: 0
ManyToOneOn: 1
AES Supported: 1
Fips140: 0
DHCPS Ranges: 255
DHCPS Leases: 1024
Enh Upgrade Code: 611
GMS firmware image name prefix: sw_tz170_s_eng_
maxIPSTCPConnections: 6144
maxGAVConnections: 6144
maxGAVConcurrentCompressed Downloads: 100
maxIPS576ByteBuffers: 1000
maxIPS1500ByteBuffers: 1000
Update
Auto Update
fwauParamsShow parameter values:
autoUpdateEnabled: 1
fwNoticeVersion:
fwCurrentStatus: upToDate
fwUpdateVersion:
fwUpdateUrl:
fwRelnotesUrl:
fwUpdateImageSize: 0
fwUpdateImageHash:
updateCheckLastTimeStamp 09/23/2006 08:44:00.560
updateCheckSuccessLastTime Stamp 09/23/2006 08:44:00.816
updateGetLastTimeStamp 01/00/1900 00:00:00.000
updateGetSuccessLastTimeSt amp 01/00/1900 00:00:00.000
GST(strFirmwareAutoCheckSe rver): software.sonicwall.com
GST(strFirmwareAutoCheckUr lPath): /Request.asp
notice.notifyFirmwareChang es: 0
notice.releaseNotesVers: D100
Firmware update lookup at 9:44
Network
Network mode: NAT Enabled
LAN IP = 192.168.0.1
LAN Subnet Mask = 255.255.255.0
WAN/NAT public IP = 10.100.223.254
WAN Subnet Mask = 255.255.255.0
WAN Gateway = 10.100.223.1
Nat M21: 1
DNS Server1 = 192.168.0.10
DNS Server2 = 10.100.1.40
DNS Server3 = 0.0.0.0
cacheTimeout = 15
httpProxyName = ''
httpProxyPort = 0
Bypass Proxy server upon failure = 0
Forward OPT Client Requests to proxy server = 0
NetBIOS LAN->OPT = 1
NetBIOS OPT->WAN = 0
NetBIOS OPT->LAN = 1
NetBIOS LAN->WAN = 0
Stealth Mode = 0
Randomize IP ID = 0
IP Spoof Checking = 1
Enable IP Header checksum validation = 0
Enable TCP checksum validation = 0
Enable UDP checksum validation = 0
Enable ICMP checksum validation = 0
OPT in NAT Mode
OPT IP = 0.0.0.0
OPT Subnet = 255.255.255.0
OPT Many to One Public IP = 0.0.0.0
Intranet Mode: No Ranges
Number of Intranet Ranges 0
Number of LAN Subnets 0
NAT 121: 0, num1To1Ranges=0
Routing Table:
Internal Routing Tree:
Routes currently in router
network mask (or range) gateway address gateway interface
0.0.0.0 0.0.0.0 10.100.223.1 WAN
10.100.223.0 255.255.255.0 0.0.0.0 WAN
10.100.223.1 255.255.255.255 0.0.0.0 WAN
10.100.223.254 255.255.255.255 0.0.0.0 LAN/OPT
192.168.0.0 255.255.255.0 0.0.0.0 LAN
192.168.0.1 255.255.255.255 0.0.0.0 LAN
255.255.255.255 255.255.255.255 0.0.0.0 LAN
LAN RIP Settings:
RIP Advertisement Disabled
OPT RIP Settings:
RIP Advertisement Disabled
RIP dynamic memory usage -- current: 0 bytes high: 0 bytes
Ethernet
Proxy Router Enet = 0
Router Enet: 00 00 00 00 00 00
ProxyPcMacOnWan = 0
PcMacAddrForWan: 00 00 00 00 00 00
Unique Mac Addrs = 1
WAN MAC: 00 06 B1 2D 72 CA
LAN MAC: 00 06 B1 2D 72 C8
OPT MAC: 00 06 B1 2D 72 C9
Fragment outbound packets larger than WAN MTU: 1
WAN MTU: 1500
CP Wan MTU: 1500
WAN Ignore DF Bit for non-VPN traffic: 1
Bandwidth Management WAN: enabled: 0, available 20.000
Services
1, Any, 65535-65535, IP Type 255, logging
2, Authentication, 113-113, TCP, logging
3, Chat (IRC), 194-194, TCP, logging
4, Chat (IRC), 6666-6666, TCP, logging
5, Chat (IRC), 6667-6667, TCP, logging
6, Chat (IRC), 6668-6668, TCP, logging
7, Chat (IRC), 6669-6669, TCP, logging
8, Chat (IRC), 6670-6670, TCP, logging
9, Chat (IRC), 7000-7000, TCP, logging
10, Citrix, 1494-1494, TCP, logging
11, Citrix, 1604-1604, UDP, logging
12, Echo, 7-7, TCP, logging
13, Echo, 7-7, UDP, logging
14, Enhanced TV, 9000-9000, TCP, logging
15, File Transfer (FTP), 21-21, TCP, logging
16, Filemaker, 5003-5003, TCP, logging
17, Filemaker, 5003-5003, UDP, logging
18, Gatekeeper (H323), 1718-1718, UDP, logging
19, Gatekeeper (H323), 1719-1719, UDP, logging
20, Gopher, 70-70, TCP, logging
21, HTTPS, 443-443, TCP, logging
22, IMAP3, 220-220, TCP, logging
23, IMAP4, 143-143, TCP, logging
24, IPSec (ESP), 0-0, IP Type 50, logging
25, Kerberos, 88-88, TCP, logging
26, Kerberos, 88-88, UDP, logging
27, Key Exchange (IKE), 500-500, UDP, logging
28, LDAP, 389-389, TCP, logging
29, Lotus Notes, 1352-1352, TCP, logging
30, Name Service (DNS), 53-53, TCP, logging
31, Name Service (DNS), 53-53, UDP, logging
32, NetBios, 137-137, TCP, logging
33, NetBios, 137-137, UDP, logging
34, NetBios, 138-138, TCP, logging
35, NetBios, 138-138, UDP, logging
36, NetBios, 139-139, TCP, logging
37, NetBios, 139-139, UDP, logging
38, News (NNTP), 119-119, TCP, logging
39, NFS, 2049-2049, TCP, logging
40, NFS, 2049-2049, UDP, logging
41, NTP, 123-123, UDP, logging
42, PC Anywhere, 5631-5631, TCP, logging
43, PC Anywhere, 5632-5632, UDP, logging
44, Ping, 8-8, ICMP, logging
45, Ping, 0-0, ICMP, logging
46, PPTP, 1723-1723, TCP, logging
47, Quicktime, 554-554, TCP, logging
48, RealAudio, 7070-7070, TCP, logging
49, Retrieve E-Mail (POP3), 110-110, TCP, logging
50, Send E-Mail (SMTP), 25-25, TCP, logging
51, SIP, 5060-5060, UDP, logging
52, SNMP, 161-161, UDP, logging
53, SNMP, 162-162, UDP, logging
54, SSH, 22-22, TCP, logging
55, Syslog, 514-514, TCP, logging
56, Syslog, 514-514, UDP, logging
57, Telnet, 23-23, TCP, logging
58, Terminal Services, 3389-3389, TCP, logging
59, Terminal Services, 3389-3389, UDP, logging
60, TFTP, 69-69, UDP, logging
61, Timbuktu, 407-407, TCP, logging
62, Timbuktu, 407-407, UDP, logging
63, Timbuktu, 1417-1417, TCP, logging
64, Timbuktu, 1418-1418, TCP, logging
65, Timbuktu, 1419-1419, TCP, logging
66, Timbuktu, 1419-1419, UDP, logging
67, Timbuktu, 1420-1420, TCP, logging
68, Unix Printer (LPR), 515-515, TCP, logging
69, Video Conference (H323), 1720-1720, TCP, logging
70, Web (HTTP), 80-80, TCP, logging
71, WGS External Authentication, 4043-4043, TCP, logging
72, Whiteboard (T120), 1503-1503, TCP, logging
73, NT Domain Login, 135-135, TCP, logging
74, NT Domain Login, 137-137, TCP, logging
75, NT Domain Login, 137-137, UDP, logging
76, NT Domain Login, 138-138, TCP, logging
77, NT Domain Login, 138-138, UDP, logging
78, NT Domain Login, 139-139, TCP, logging
79, NT Domain Login, 139-139, UDP, logging
80, NT Domain Login, 389-389, TCP, logging
81, NT Domain Login, 88-88, TCP, logging
82, NT Domain Login, 88-88, UDP, logging
83, NT Domain Login, 1025-1025, TCP, logging
84, ShoreTel Call Control, 5440-5440, UDP, logging
85, ShoreTel Call Control, 5441-5441, UDP, logging
86, ShoreTel Call Control, 5442-5442, UDP, logging
87, ShoreTel Call Control, 5443-5443, UDP, logging
88, ShoreTel Call Control, 5444-5444, UDP, logging
89, ShoreTel Call Control, 5445-5445, UDP, logging
90, ShoreTel Call Control, 5446-5446, UDP, logging
91, ShoreTel RTP, 5004-5004, UDP, logging
92, ShoreTel IP Phone Control, 2427-2427, UDP, logging
93, ShoreTel IP Phone Control, 2727-2727, UDP, logging
94, Tivo TCP Beacon, 2190-2190, TCP, logging
95, Tivo UDP Beacon, 2190-2190, UDP, logging
96, Tivo TCP Data, 8080-8080, TCP, logging
97, Tivo TCP Data, 8081-8081, TCP, logging
98, Tivo TCP Data, 8082-8082, TCP, logging
99, Tivo TCP Data, 8083-8083, TCP, logging
100, Tivo TCP Data, 8084-8084, TCP, logging
101, Tivo TCP Data, 8085-8085, TCP, logging
102, Tivo TCP Data, 8086-8086, TCP, logging
103, Tivo TCP Data, 8087-8087, TCP, logging
104, Tivo TCP Data, 8089-8089, TCP, logging
105, Tivo TCP Desktop, 8101-8101, TCP, logging
106, Tivo TCP Desktop, 8102-8102, TCP, logging
107, Tivo TCP Desktop, 8200-8200, TCP, logging
108, HTTP Management, 80-80, mgmt, TCP, not logging
109, HTTPS Management, 443-443, mgmt, TCP, not logging
Rules
1, priority 1, HTTPS Management, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 LAN
dst IP 192.168.0.1-192.168.0.1 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added y, for remote access n, auto-added mgmt y, timeout 15
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Auto-added management rule
2, priority 2, HTTP Management, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 LAN
dst IP 192.168.0.1-192.168.0.1 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added y, for remote access n, auto-added mgmt y, timeout 15
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Auto-added management rule
3, priority 3, Key Exchange (IKE), Allow, Enabled
src IP 0.0.0.0-255.255.255.255 ANY
dst IP 192.168.0.1-192.168.0.1 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable y, auto-added y, for remote access n, auto-added mgmt n, timeout 15
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Auto-added inbound IKE rule
4, priority 4, Key Exchange (IKE), Allow, Enabled
src IP 192.168.0.1-192.168.0.1 LAN
dst IP 0.0.0.0-255.255.255.255 ANY
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable y, auto-added y, for remote access n, auto-added mgmt n, timeout 15
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Auto-added outbound IKE rule
5, priority 5, NetBios, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 OPT
dst IP 0.0.0.0-255.255.255.255 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added y, for remote access n, auto-added mgmt n, timeout 15
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Windows Networking Support
6, priority 6, Kerberos, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 OPT
dst IP 0.0.0.0-255.255.255.255 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added y, for remote access n, auto-added mgmt n, timeout 15
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Windows Networking Support
7, priority 7, Any, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 OPT
dst IP 0.0.0.0-255.255.255.255 WAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 15
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
8, priority 8, Any, Deny, Enabled
src IP 0.0.0.0-255.255.255.255 WAN
dst IP 0.0.0.0-255.255.255.255 OPT
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 15
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
9, priority 9, Any, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 LAN
dst IP 0.0.0.0-255.255.255.255 ANY
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 5
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
10, priority 10, Any, Deny, Enabled
src IP 0.0.0.0-255.255.255.255 ANY
dst IP 0.0.0.0-255.255.255.255 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 15
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
Enable support for Oracle (SQLNet) is on
MSN
Enable support for Windows Messenger is on
SIP
Enable consistent NAT is off
Enable SIP Transformations is off
Permit non-SIP packets on signaling port is off
SIP Signaling inactivity time out is 1800
SIP Media inactivity time out is 120
Additional SIP signaling port is 0
Maximum VoIP Endpoints is 2048
SIP Endpoints
Contact Initiator Responder Life Bandwidth User-ID
--------------------- --------------------- --------------------- ------ ---------- -------
SIP Users: 0
SIP Calls
Endpoints Bandwidth Used Call-ID
--------- -------------- -------
SIP Calls: 0
H.323
Enable H.323 Transformations is on
Only accept incoming calls from Gatekeeper is off
Enable LDAP ILS Support is off
H.323 Signaling/Media inactivity time out is 300
Default WAN/OPT Gatekeeper IP Address is 0.0.0.0
Maximum VoIP Endpoints is 2048
H.323 Counters:
70 *PACKET_IN_ERROR 1566
367 *INIT_DONE 1
H.323 RAS Endpoints
Endpoint Gatekeeper Call Signal Call Signal (Remap) Relax TTL Tx (Bytes) Rx (Bytes) User-ID
--------------------- --------------------- --------------------- --------------------- ----- ----- ---------- ---------- -------
H.323 RAS Users: 0
H.323 Calls
From To Bandwidth Used
---- -- --------------
H.323 Calls: 0
RTSP
Enable RTSP Transformations is on
gEnableRtspSupport : 1 rtsp_debug : 0
gRtspStatefulEnable : 1 gRtspMaxRetransmit : 4
gRtspTcpMaxWindowOos : 11680 gRtspTcpMaxWindowRetransmi t : 46720
gRtspTcpDropped : 1566 gRtspTcpDroppedOos : 850
gRtspTcpDroppedDuplicate : 715 gRtspTcpResyncOos : 34210
gRtspUdpMaxWindow : 1024 gRtspUdpDropped : 44966
gRtspUdpRtpDroppedSmallerW rapped : 14 gRtspUdpRtpDroppedSmaller : 44952
gRtspUdpRtcpDroppedPacketT ype : 0 gRtspUdpRtcpLastPacketType : 0
gRtspUdpCacheLastDrop : 0x8379FABC gRtspUdpWindowSkip : 10
gRtspUdpDropSkip : 0
gRtspDecodeNotC2SCommand : 8312 gRtspDecodeNotS2CResponse : 1006002
gRtspDecodeErrC2SCommand : 1 gRtspDecodeErrS2CResponse : 950
gRtspDecodeErrHeaderGet : 0 gRtspDecodeErrHeaderModify : 0
Drop source routed IP packets is on
Users
Max local users 100, currently 2 configured
Max user logins 150
User Authentication Method = Local
User Inactivity = 5
Max User Login Time = 30
Administrator Name = admin
Administrator Timeout = 5
Allow only auth users to Internet = 0
Services to bypass Internet auth: Name Service (DNS),Name Service (DNS),Key Exchange (IKE)
URLs to bypass access rule auth:
Services to bypass VPN auth:
Enable user lockout on login failure: no
- Lock out user after 5 failed attempts in 1 minute
- Lock out user for 5 minutes
Acceptable use policy:
'(null)'
- Enable on LAN login: yes
- Enable on WAN login: no
- Enable on DMZ login: yes
- Enable on VPN login: no
- Window size: 460 x 310
- Window scrollbars: yes
Users:
1, administrator, Bypass-Filter=0, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
2, Granite, Bypass-Filter=1, VPN Access=1,
L2TP Access=0, VPN XAUTH Client=1, Ltd Mgmt=1
Users currently connected
Addr 192.168.0.10, flags 0x22
User admin logged in, max session 0 mins
Privs: Bypass-Filter=0, VPN Access=1,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
session 135 secs, inactivity 0 secs, status fetch 0 secs
------
Authenticating client connections:
Addr 212.183.136.195, flags 0xC2
VPN Client (212.183.136.195) sessId=0x83ade7e0 user Granite logged in
Privs: Bypass-Filter=1, VPN Access=1,
L2TP Access=0, VPN XAUTH Client=1, Ltd Mgmt=1
session 45 secs, inactivity 0 secs, status fetch 0 secs
------
User IP Tree: Total free entries: 100, currently free 98
User IP Logn: Total free entries: 10, currently free 10
User IP Url: Total free entries: 10, currently free 10
User IP Sess: Total free entries: 100, currently free 100
Cache hits: 0.01%
Management
HTTP Management: 1
HTTP Management Port: 80
HTTPS Management: 1
HTTPS Management Port: 443
Https Cert name: Use Selfsigned Certificate
Certificate Common Name: 192.168.168.168
Additional Management: None
SNMP
SNMP Disabled
System Name:
System Contact:
System Location:
Get Community Name: public
Trap Community Name:
Host 1:
Host 2:
Host 3:
Host 4:
SGMS Host :
SGMS Host Trap Port = 162
Standby SGMS Host:
Standby SGMS Host Trap Port = 162
Content Filtering
Content Filter Type: CFS
Apply Content Filter on:
: LAN: 1
: OPT: 1
Restrict WEB Features:
ActiveX: 0
Java: 0
Cookies: 0
WebProxy: 0
Known Fraudulent Certificates: 0
Don't block Java/ActiveX/Cookies to Trusted Domains: 0
Custom List: Trusted Sites
number of trusted URLs 0
webBlockMsg: This site is blocked by the SonicWALL Content Filter Service.
webPoolSize = 1200
wtHighWater = 163
SonicWALL Content Filter
block custom URLs: 1
allowOnlyAllowedDomains: 0
blockURLKeywords: 1
Custom List: Allowed Sites
num allowed URLs 0
Custom List: Forbidden Sites
num forbidden URLs 0
Custom List: Forbidden Keywords
num keywords 0
TOD always-on: 1
from 08:00 to 18:00
from Mon to Fri
Consent Page
aup.showPolicyPage: 0
aup.activityTimeout: 0
aup.policyURLAdults:
aup.policyURLKids:
aup.acceptedURL:
aup.acceptedWithFilterURL:
filtered IP addresses:
none
CFS Filter
Blocked Categories:
none
Server Address = webcfs02.global.sonicwall. com
Block On Fail = 1
Failed Timeout = 5
Block Blocked Sites = 1
Log Blocked Sites = 1
URL Cache Size = 3072 KB
mode1 = 1
Timeout1 = 1
Timeout2 = 0
mode2 = 1
mode4 = 3
Server Ready = 1
Server Status Code = 0
Allocated cache: 3120024 bytes
Subscription Expires On 11/14/2007
N2H2 Content Filter
Server Address =
Listen Port = 4005
Replay Port = 4005
User Name:
Block On Fail = 1
Failed Timeout = 5
Block Blocked Sites = 1
Log Blocked Sites = 0
URL Cache Size = 50 KB
Server Ready = 0
Server Status Code = 0
Websense Enterprise Content Filter
Server Address =
Server Port = 15868
User Name:
Block On Fail = 1
Failed Timeout = 5
URL Cache Size = 50 KB
Server Ready = 0
licenseCount = 0
Server Status Code = 0
Email Filtering
E-Mail Filtering Service is ACTIVATED
Mail Attachment Filtering Alert Service is enabled
MAFiA Timestamp = UTC 05/02/2005 13:46:01.000
File List:
num forbidden files 48
filename 1: _passwort-info.zip
filename 2: account_info.zip
filename 3: all users.exe
filename 4: autoemail-text.zip
filename 5: card.exe
filename 6: command.exe
filename 7: creditcard.bat
filename 8: creditcard.zip
filename 9: details.zip
filename 10: docs.exe
filename 11: document003.pif
filename 12: fifa_info-text.zip
filename 13: hot girl.scr
filename 14: hotmailpass.exe
filename 15: inf.exe
filename 16: internet file.exe
filename 17: list.txt.scr
filename 18: lol.zip
filename 19: mail.zip
filename 20: mail_info.zip
filename 21: message.zip
filename 22: monica-bellucci.jpg.vbs
filename 23: movie_0074.mpeg.pif
filename 24: nav32.zip
filename 25: notes.zip
filename 26: okticket-info.zip
filename 27: our_secret.zip
filename 28: p.exe
filename 29: part1.zip
filename 30: patch.exe
filename 31: paypal.asp.scr
filename 32: paypal.zip
filename 33: photo.zip
filename 34: searchurl.exe
filename 35: sh.scr
filename 36: shell.exe
filename 37: system.exe
filename 38: system32.exe
filename 39: system64.pif
filename 40: textfile.zip
filename 41: untitled1.pif
filename 42: usa.scr
filename 43: vpf.zip
filename 44: website.zip
filename 45: wendy.zip
filename 46: www.paypal.com.scr
filename 47: xerox-update.exe
filename 48: xxxpic.exe
Subject List:
num forbidden files 2
filename 1: i love you
filename 2: this is a virus
Forbidden Attachment Option: Disable forbidden file by altering the file extension
Warning Message Text: The attachment to your E-mail has been disabled by the SonicWALL Virus Filter. See your network administrator for details.
Logging
smtpServerName = ''
Log email:
Alert email:
Firewall Name: 0006B12D72C8
logEmailFreq: only when full
Day Of Week Sun, Time Of Day 0
Auxillary Syslog Servers(Address:Port)
Syslog Format: Default
Syslog Individual Event Rate: 60
Rate Limiting:
Event Limiting: Disabled, Threshold: 50 events/second
Syslog Output Limiting: Disabled, Threshold: 10000 bytes/second
Log Mask:
System Maintenance: 1
Attacks: 1
System Errors: 1
Dropped TCP: 1
Blocked Web Sites: 1
Dropped UDP: 1
Blocked Java etc: 1
Dropped ICMP: 1
User Activity: 1
Network Debug: 0
VPN TCP Stats: 0
Denied LAN IP: 0
Alert Mask:
Attacks: 1
System Errors: 1
Blocked Web Sites: 0
VPN Tunnel Status: 0
collectReportData = 0
ViewPoint: Upgraded
Message Queue Statistics:
Max Queue Size: 84
Queue Overflows: 0
PPPOE Client
Disabled
Disconnected
Obtain an IP Address automatically
Static IP address = 0.0.0.0
User Name:
Password: None
Inactivity Timeout Disabled
Inactivity Time 10 minutes
L2TP Client
Disabled
Disconnected
Obtain an IP address using DHCP
L2TP Host Name
L2TP Server IP Address = 0.0.0.0
User Name:
Password: None
Traffic inactivity time out Disabled
Inactivity Time 10 minutes
L2TP Gateway Address = 0.0.0.0
L2TP SonicWALL IP Address = 0.0.0.0
L2TP DNS Server1 = 0.0.0.0
L2TP DNS Server2 = 0.0.0.0
PPTP Client
Disabled
Disconnected
Obtain an IP address using DHCP
PPTP Client Host Name
PPTP Server IP Address = 0.0.0.0
User Name:
Password: None
Traffic inactivity time out Disabled
Inactivity Time 10 minutes
PPTP Gateway Address = 0.0.0.0
PPTP SonicWALL IP Address = 0.0.0.0
PPTP DNS Server1 = 0.0.0.0
PPTP DNS Server2 = 0.0.0.0
DHCP Client
active=0
DHCP Server ID = 0.0.0.0
Lease Origin=0
Lease Duration=0
DNS Server1 = 0.0.0.0
DNS Server2 = 0.0.0.0
DNS Server3 = 0.0.0.0
Domain Name = ""
Host Name = ""
DHCP Server
Enable DHCP = 1
Allow DHCP Pass Through = 0
Pool Entry 0
Flags = IS_ACTIVE DYNAMIC PROPAGATE_DNS_SETTINGS
Lease Period = 1440 minutes
Range Start = 192.168.0.100
Range End = 192.168.0.150
Interface = LAN
Default Gateway = 192.168.0.1
Subnet Mask = 255.255.255.0
Domain Name = (null)
DNS Servers = 192.168.0.10 10.100.1.40
WINS Servers =
Current leases: 22
Available Dynamic: 29
Available Static: 0
Total: 51
IPSec
vpnFeaturesOn 1
IPSec enabled on
firewall identifier: '0006B12D72C8'
VPN Netbios disabled
Fragmented Packet Handling enabled
Ignore DF (Don't Fragment) Bit enabled
Clean up Active tunnels when Peer Gw DNS name resolves to a different IP Address: enabled
Nat traversal enabled
IKE Dead-Peer-Detection(DPD) enabled, Interval 60, Threshold 3
IKE Keep Alive interval (seconds) 240
VPN Single Armed mode disabled
Override default VPN tunnel for mgmt traffic disabled
Bandwidth Management VPN: enabled: 0, guaranteed 0.000, max 0.000, priority 0
Send VPN tunnel traps only when tunnel status changes disabled
SA limit, including Group SA: 11
--- SA 1 ---
name "GroupVPN", enabled,
Phase 1 Exchange: Aggressive Mode
Phase 1: DHGroupID 2, Encrypt/Auth - 3DES SHA1
Phase 2: DHGroupID 1, Encrypt/Auth - ESP 3DES HMAC SHA1
Key Exchange: IKE with Preshared secret
VPN Terminated at: LAN
xauth on, netbios off, PFS off
ApplyNatAndRules off, ForwardPacketsToRemoteVPNs off, TunnelForAllOutboundTraffi c off
KeepAlive off (Try-all off), CentralDhcpTunnel on
IKE SA Life time (secs) = 28800
Ipsec SA Life time (secs) = 28800
Authentication of local users off, Authentication of remote users off
gw 0.0.0.0
secondary gw 0.0.0.0
Default LAN gateway 0.0.0.0
Pre-shared Key len 16, val=F5E0530CFA1C3FE8
GroupVPN Client Settings:
User Name and Password Caching:
XAUTH User Authentication is Required
Cache XAUTH User Name and Password on Client: Single Session
Client Connections:
Virtual Adapter Settings: DHCP Lease
Allow Connections to Split Tunnels
Set Default Route as this Gateway is Not Selected
Personal Firewall on Client Machine is Not Required
Client Initial Provisioning:
Use Default Key for Simple Client Provisioning is Not Selected
IPSec Memory Usage:
Max SAs: 11
Master policy db, main array: 1232 bytes
Master policy db, SA names: 1 8 bytes
Master policy db, gw names: 0 0 bytes
Master policy db, crypto keys: 1 16 bytes
Master policy db, auth keys: 0 0 bytes
Master policy db, ph1 xforms: 1 4 bytes
Master policy db, ph2 xforms: 1 5 bytes
Master policy db, dest nets: 0 0 bytes
Master policy db, certs: 0 0 bytes
Master policy db, total: 1265 bytes
Total SAs: 1
Total IKE SAs: 1
IKE policy db, IKEInfos: 0 0 bytes
IKE policy db, IPSECPREFs: 0 0 bytes
IKE phase 1 Prefs, basic: 0 0 bytes
IKE phase 1 Prefs, transforms: 0 0 bytes
IKE phase 1 Prefs, rem ids: 0 0 bytes
IKE phase 1 Prefs, certs: 0 0 bytes
IKE phase 1 Prefs, total: 0 bytes
L2TP Server
Enabled
L2TP Keep alive time (secs) 60
DNS Server 1 = 192.168.0.10
DNS Server 2 = 193.38.113.3
WINS Server 1 = 194.117.157.4
WINS Server 2 = 0.0.0.0
Use the Local L2TP IP pool
Start IP = 192.168.1.200
End IP = 192.168.1.220
PKI:
admin certificate unactive
Admin CRL Download Scheduled = -1
User CRL Download Scheduled = -1
Admin CRL number downloaded = 0
User CRL number downloaded = 0
Third Party Certificates:
CA Certificates number imported = 0
Local Certificates number imported = 0
Certificate Signing Requests number pending = 0
RADIUS
retry count: 3, server timeout: 5
---server 1---
IPort Number = 1812
IP Address/name =
Shared Secret =
---server 2---
IPort Number = 1812
IP Address/name =
Shared Secret =
Global RADIUS user privs: Bypass-Filter=0, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
Anti-Virus
Upgrade Status: Upgrade Required
avEnable = Disabled
avReduceTraffic = Disabled
downloadUrl =
avEncryptKey = 6b18571e39e7b2596ccd6f5d6f bf7213
daysToForceUpdate = 5
lowRiskAlert = Off
mediumRiskAlert = On
highRiskAlert = On
avLicenseCount = 0
avExpire = UTC 10/01/2004 00:00:00.000
avLowRiskAlertTimestamp = UTC 06/06/2001 04:14:00.000
avMediumRiskAlertTimestamp = UTC 10/06/2005 04:09:08.000
avHighRiskAlertTimestamp = UTC 08/17/2005 00:49:06.000
policeOPT = Off
Disable policing from LAN to OPT = Off
Range Mode = Police All
Global security client Info:
policyGSCversion = 0
policyID = 6363636363636363f9393454ba b4e90e1c1f 6cf4784df8 05
gscDownloadUrl = https://policymanager.sonicwall.com/ECA/GSC.msi
listSize = 225
licenseCount = 125
numActiveClients = 0
IP addr UP to date Last Replied First Ping Policy Version Num Pings
--------------- ----------------- -------------- -------------- --------------- ---------
-------------------------- ---------- ---------- ---------- ---------- ---------- -------
IDP is Activated
IDP is NOT Enabled
IDP Reassembly is NOT Enabled
Signature database is present
Signature database download is NOT in-progress
SchedulerId is 0
Last time we received a valid signature database we successfully loaded 5563 signatures
DPIDisabled (configured) is 0
DPIDisabled (running) is 0
running signature timestamp = UTC 11/15/2006 16:21:42.000
timestamp last checked = 11/16/2006 14:17:17.352
latest available signature timestamp = UTC 11/15/2006 16:21:42.000
last successful downloaded db signature timestamp = UTC 11/15/2006 16:21:42.000
compressed signature image size = 523230 bytes
P2P signatures are NOT present
IM signatures are NOT present
Global Detect All High Priority = 0
Global Detect All Medium Priority = 0
Global Detect All Low Priority = 0
Global Prevent All High Priority = 0
Global Prevent All Medium Priority = 0
Global Prevent All Low Priority = 0
Global High Priority Redundancy Timer = 0 seconds
Global Medium Priority Redundancy Timer = 0 seconds
Global Low Priority Redundancy Timer = 60 seconds
64 byte buffer count = 1000 free
576 byte buffer count = 1000 free
1500 byte buffer count = 1000 free
packet buffer count = 3000 free
Gateway Anti-Virus is Activated
Gateway Anti-Virus is NOT Enabled
SMTP Inbound is Enabled
SMTP Outbound is NOT Enabled
HTTP is Enabled
POP3 is Enabled
IMAP is Enabled
FTP is Enabled
TCP Stream is NOT Enabled
Suppress SMTP Responses is NOT Enabled
Send Client Alert is NOT Enabled
Restrict password-protected zip files is NOT Enabled
Restrict MS-Office macro files is NOT Enabled
Restrict packed executable files is Enabled
Disable Eicar test virus detection is Enabled
Disable POP3 Auto Deletion is NOT Enabled
Disable POP3 UIDL rewriting is NOT Enabled
Enable Byte-Range HTTP requests is NOT Enabled
Enable 'REST' FTP client requests is NOT Enabled
Expiration Date = UTC 11/14/2007 00:00:00.000
running signature timestamp = UTC 11/13/2006 18:37:40.000
latest available signature timestamp = UTC 11/13/2006 18:37:40.000
Anti-Spyware is Activated
Anti-Spyware is NOT Enabled
SMTP Inbound is Enabled
HTTP is Enabled
POP3 is Enabled
IMAP is Enabled
FTP is Enabled
Outbound Spyware Scanning is Enabled
Suppress SMTP Responses is NOT Enabled
Send Client Alert is NOT Enabled
Expiration Date = UTC 11/14/2007 00:00:00.000
running signature timestamp = UTC 11/08/2006 12:38:45.000
latest available signature timestamp = UTC 11/08/2006 12:38:45.000
Global Detect All High Priority = 0
Global Detect All Medium Priority = 0
Global Detect All Low Priority = 0
Global Prevent All High Priority = 0
Global Prevent All Medium Priority = 0
Global Prevent All Low Priority = 0
Global High Priority Redundancy Timer = 0 seconds
Global Medium Priority Redundancy Timer = 0 seconds
Global Low Priority Redundancy Timer = 0 seconds
License info
LicenseNumberIps:25
License Ever Exceeded 0
License Exceed Redirect Counter: 0
License Node timeout: 900
Current Used License: 11
192.168.0.119 00:03:0D:1E:62:02 Inf=LAN
192.168.0.141 00:30:65:E0:27:92 Inf=LAN
192.168.0.113 00:B0:D0:3A:14:C9 Inf=LAN
192.168.0.109 00:0F:FE:B3:30:70 Inf=LAN
192.168.0.145 00:13:72:B4:0B:AA Inf=LAN
192.168.0.136 00:0D:56:84:8E:CC Inf=LAN
192.168.0.118 00:11:43:B2:ED:D6 Inf=LAN
192.168.0.100 00:0D:56:84:8F:05 Inf=LAN
192.168.0.112 00:0D:56:84:8F:30 Inf=LAN
192.168.0.137 00:0D:56:84:8E:D8 Inf=LAN
192.168.0.10 00:17:A4:0F:EA:99 Inf=LAN
License Exclude Node Count: 0
fwinfoDomain is: licensemanager.sonicwall.c om
LicenseNumberVPNclients 1
GSC Policy Version: 0
Time
Time Zone: "UK (GMT)"
Use International time format: 0
Use DST: 1
Use UTC in log: 0
Use NTP: 1
NTP update interval: 60 minutes
Custom NTP Server List:
Current NTP server nist1.symmetricom.com
Flash Prefs Load/Save Statistics
calls made since startup: 93
smallest mem block during a save: 15340944 at time: 11/16/2006 14:17:18.352
current ASCII prefs file size: 61329
current compressed prefs file size: 20448
prefs were read at startup: Successfully
Flash Prefs Mirror State
Mirror Image A Active
Pref Pointer points to Block A
Max available pref size per Mirror: 5.500 Mbyte
DHCP over VPN
DHCP Relay Enabled : 1
Remote Gateway : 0
Central Gateway : 1
Relay IP Address : 0.0.0.0
DHCP Mgmt IP Address : 0.0.0.0
Peer Network Address : 0.0.0.0
Peer Subnet Mask : 0.0.0.0
Using IP Helper : 0
Doing IP Spoof Detect : 1
Serve Temp Lease : 0
Temp Lease Time : 120 (seconds)
GroupVPN Relay Addr : 0.0.0.0
Use Internal DHCP Server : Yes
For Global VPN Client : Yes
For Remote Firewall : No
Static IP Addresses on LAN:
Excluded Devices on LAN:
DHCP Server List:
Status:
Central Gateway Agent
Central Gateway Table with IP Address
current size: 0
maximum size: 10000
growth size: 200
table size: 200
element size: 40
Central Gateway Table with XID
current size: 0
maximum size: 5000
growth size : 200
table size : 200
element size: 32
Dynamic DNS
lineMode: 1
Number of DDNSS entries: 0
Memory Partition Statistics
status bytes blocks avg block max block
------ --------- -------- ---------- ----------
current
free 15566704 30 - 15340960
alloc 41755184 3820 - -
--Cache check----------
Cache current: 33, high water 542, added 1780177, deleted 1780144
ConnNode errors: 0, Hash List errors: 0, ConnNode cleanup errors: 0
buffer bounds check (buffer from 0x836981b8 to 0x836bc1b8)
checking freeBufferList (6111 elem)
checking unmappedList (1 elem)
checking connectionTable
checking freeNodeList (6118 elem)
total bounding errors: 0, connection table errors 0, nat table errors 0, conn node errors 0
--Cache check complete---------
1435: 'tNetTask' '../../..' 346
1435: 'tNetTask' '../../..' 346
1435: 'tNetTask' '../../..' 346
1435: 'tNetTask' '../../..' 346
61984: 'tNetTask' '../../..' 111
44934: 'tNetTask' '../../..' 346
43038: 'tNetTask' '../../..' 346
38713: 'tNetTask' '../../..' 346
26140: 'tNetTask' '../../..' 346
26033: 'tNetTask' '../../..' 346
22490: 'tNetTask' '../../..' 346
13785: 'tNetTask' '../../..' 346
13759: 'tNetTask' '../../..' 346
13759: 'tNetTask' '../../..' 346
13759: 'tNetTask' '../../..' 346
13759: 'tNetTask' '../../..' 346
63048: 'tNetTask' '../../..' 111
56182: 'tNetTask' '../../..' 346
53933: 'tNetTask' '../../..' 346
53900: 'tNetTask' '../../..' 346
53900: 'tNetTask' '../../..' 346
53900: 'tNetTask' '../../..' 346
53900: 'tNetTask' '../../..' 346
53895: 'tNetTask' '../../..' 346
53895: 'tNetTask' '../../..' 346
53892: 'tNetTask' '../../..' 346
53892: 'tNetTask' '../../..' 346
53890: 'tNetTask' '../../..' 346
53890: 'tNetTask' '../../..' 346
53889: 'tNetTask' '../../..' 346
53889: 'tNetTask' '../../..' 346
53889: 'tNetTask' '../../..' 346
53888: 'tNetTask' '../../..' 346
53888: 'tNetTask' '../../..' 346
53887: 'tNetTask' '../../..' 346
53887: 'tNetTask' '../../..' 346
11607: 'tNetTask' '../../..' 346
51838: 'tNetTask' '../../..' 346
43124: 'tNetTask' '../../..' 346
7070: 'tNetTask' '../../..' 346
48486: 'tNetTask' '../../..' 346
48486: 'tNetTask' '../../..' 346
48475: 'tNetTask' '../../..' 346
13569: 'tNetTask' '../../..' 346
13560: 'tNetTask' '../../..' 346
13532: 'tNetTask' '../../..' 346
13532: 'tNetTask' '../../..' 346
13532: 'tNetTask' '../../..' 346
32113: 'tNetTask' '../../..' 346
32104: 'tNetTask' '../../..' 346
31403: 'tNetTask' '../../..' 346
31379: 'tNetTask' '../../..' 346
31343: 'tNetTask' '../../..' 346
55918: 'tNetTask' '../../..' 346
27155: 'tNetTask' '../../..' 346
37121: 'tNetTask' '../../..' 346
23775: 'tNetTask' '../../..' 346
23648: 'tNetTask' '../../..' 346
14106: 'tNetTask' '../../..' 346
13565: 'tNetTask' '../../..' 346
9034: 'tNetTask' '../../..' 346
9034: 'tNetTask' '../../..' 346
9034: 'tNetTask' '../../..' 346
9034: 'tNetTask' '../../..' 346
9034: 'tNetTask' '../../..' 346
9024: 'tNetTask' '../../..' 346
52170: 'tNetTask' '../../..' 346
8121: 'tNetTask' '../../..' 346
8095: 'tNetTask' '../../..' 346
58491: 'tNetTask' '../../..' 346
58491: 'tNetTask' '../../..' 346
58481: 'tNetTask' '../../..' 346
58481: 'tNetTask' '../../..' 346
58352: 'tNetTask' '../../..' 346
58352: 'tNetTask' '../../..' 346
58346: 'tNetTask' '../../..' 346
58346: 'tNetTask' '../../..' 346
58335: 'tNetTask' '../../..' 346
58335: 'tNetTask' '../../..' 346
12131: 'tNetTask' '../../..' 346
2403: 'tNetTask' '../../..' 346
39760: 'tNetTask' '../../..' 346
56106: 'tNetTask' '../../..' 346
2358: 'tNetTask' '../../..' 346
42210: 'tNetTask' '../../..' 346
41986: 'tNetTask' '../../..' 346
41986: 'tNetTask' '../../..' 346
55165: 'tNetTask' '../../..' 346
55165: 'tNetTask' '../../..' 346
55155: 'tNetTask' '../../..' 346
55155: 'tNetTask' '../../..' 346
55155: 'tNetTask' '../../..' 346
55155: 'tNetTask' '../../..' 346
42651: 'tNetTask' '../../..' 346
42650: 'tNetTask' '../../..' 346
24136: 'tNetTask' '../../..' 346
52593: 'tNetTask' '../../..' 346
52581: 'tNetTask' '../../..' 346
31720: 'tNetTask' '../../..' 346
43874: 'tNetTask' '../../..' 346
System Timer Name is tTimerTask running at priority 50 with stack size 32768 bytes
System Timer Semaphore Id is 0x83973eb0
System Timer Expiration Maximum is 128 per execute
System Timer 60 ticks per second
System Timer current slot is 6843
System Timer used 20 of total 314
System Timer used high-water 31
System Timer ExecuteCount 4758203, UpdateCount 4758203
--------------------------
id: 'name'(taskPriority, flags) @(slot, count) function(param)
--------------------------
0x83ad3990: 'expire'( 0, 0x1100) @( 921, 0) 0x8015c754(3137939487)
0x83ad39b0: 'expire'( 0, 0x1100) @( 1391, 0) 0x8015c754(3604535545)
0x83ad39d0: 'expire'( 0, 0x1100) @( 2204, 0) 0x8015c754(3451797486)
0x83ad39f0: 'expire'( 0, 0x1100) @( 2275, 0) 0x8015c754(1254434587)
0x83ad3a10: 'expire'( 0, 0x1100) @( 2362, 0) 0x8015c754(874562764)
0x83ad3a30: 'expire'( 0, 0x1100) @( 2829, 0) 0x8015c754(537441179)
0x83ad3a50: 'cachTi'( 0, 0x1100) @( 6843, 0) 0x800bb090(0)
0x83ad3a70: 'synflo'( 0, 0x1100) @( 6843, 0) 0x80054244(0)
0x83ad3a90: 'enetMo'( 0, 0x1100) @( 6845, 0) 0x8023d0e8(0)
0x83ad3ab0: 'usrTim'( 0, 0x1100) @( 6853, 0) 0x80342134(0)
0x83ad3ad0: 'tIkeRe'( 50, 0x1100) @( 6855, 0) 0x80166014(2153434912)
0x83ad3af0: 'NatTra'( 0, 0x1100) @( 6859, 0) 0x801668dc(0)
0x83ad3b10: 'IKEKee'( 0, 0x1100) @( 6872, 0) 0x80166764(0)
0x83ad3b30: 'cfsTim'( 0, 0x1100) @( 6886, 0) 0x800cd138(0)
0x83ad3b50: 'arpAge'( 0, 0x1100) @( 6888, 0) 0x8023f280(0)
0x83ad3b70: 'vpnTim'( 0, 0x1100) @( 6888, 0) 0x80152fb4(0)
0x83ad3b90: 'licens'( 0, 0x1100) @( 6943, 0) 0x80344090(0)
0x83ad3bb0: 'LdapLi'( 0, 0x1100) @( 6947, 0) 0x802d6a78(0)
0x83ad3bd0: 'IKETun'( 0, 0x1100) @( 7043, 0) 0x8016682c(0)
0x83ad3bf0: 'fwUpda'( 0, 0x1100) @(25287, 2) 0x8034b1f4(0)
--------------------------
start fdr dump
end fdr dump
Stateful statistics by protocol:
Protocol Overwrites Max Overwrite ID Errors Decode Errors
-------- ---------- ------------- --------- -------------
FTP 0 0 0 0
TFTP 0 0 0 0
NetBios 0 0 0 0
RealAudio 0 0 0 0
PPTP 0 0 0 0
HTTP 0 0 0 0
SMTP 0 0 0 0
POP3 0 0 2 0
News 0 0 0 0
Oracle 0 0 0 0
SIP 0 0 0 0
MSN 0 0 0 2
H.323 0 0 0 0
QuickTime 0 0 0 951
Invalid TCP packets before handshake: 152
------------------------in etstatShow ---------- ---------- ---------- ---------- ---
Active Internet connections (including servers)
PCB Proto Recv-Q Send-Q Local Address Foreign Address (state)
-------- ----- ------ ------ ------------------ ------------------ -------
83ef8fbc TCP 0 2537 192.168.0.1.80 192.168.0.10.45190 ESTABLISHED
83ef8f38 TCP 0 0 192.168.0.1.80 192.168.0.10.45189 TIME_WAIT
83ef8eb4 TCP 0 0 0.0.0.0.443 0.0.0.0.0 LISTEN
83ef8e30 TCP 0 0 0.0.0.0.80 0.0.0.0.0 LISTEN
83ef9148 UDP 0 0 0.0.0.0.500 0.0.0.0.0
83ef8dac UDP 0 0 0.0.0.0.67 0.0.0.0.0
83ef8908 UDP 0 0 0.0.0.0.161 0.0.0.0.0
------------------------St ack Data Pool---------------------- ---------- --------
type number
--------- ------
FREE : 1557
DATA : 41
HEADER : 2
SOCKET : 0
PCB : 0
RTABLE : 0
HTABLE : 0
ATABLE : 0
SONAME : 0
ZOMBIE : 0
SOOPTS : 0
FTABLE : 0
RIGHTS : 0
IFADDR : 0
CONTROL : 0
OOBDATA : 0
IPMOPTS : 0
IPMADDR : 0
IFMADDR : 0
MRTABLE : 0
TOTAL : 1600
number of mbufs: 1600
number of times failed to find space: 0
number of times waited for space: 0
number of times drained protocols for space: 0
__________________
CLUSTER POOL TABLE
__________________________ __________ __________ __________ __________ __________ ___
size clusters free usage
-------------------------- ---------- ---------- ---------- ---------- ---------- ---
64 512 485 94002
128 512 495 102295
256 512 508 6209
512 256 256 5866
1024 200 200 4270
2048 100 100 11683
-------------------------- ---------- ---------- ---------- ---------- ---------- ---
------------------------St ack System Pool---------------------- ---------- ------
type number
--------- ------
FREE : 472
DATA : 0
HEADER : 0
SOCKET : 8
PCB : 11
RTABLE : 12
HTABLE : 0
ATABLE : 0
SONAME : 0
ZOMBIE : 0
SOOPTS : 0
FTABLE : 0
RIGHTS : 0
IFADDR : 8
CONTROL : 0
OOBDATA : 0
IPMOPTS : 0
IPMADDR : 1
IFMADDR : 0
MRTABLE : 0
TOTAL : 512
number of mbufs: 512
number of times failed to find space: 0
number of times waited for space: 0
number of times drained protocols for space: 0
__________________
CLUSTER POOL TABLE
__________________________ __________ __________ __________ __________ __________ ___
size clusters free usage
-------------------------- ---------- ---------- ---------- ---------- ---------- ---
64 64 57 41
128 64 46 7543
256 64 57 4912
512 64 56 7532
-------------------------- ---------- ---------- ---------- ---------- ---------- ---
------------------------SW Net Pool---------------------- ---------- ---------- --
__________________
CLUSTER POOL TABLE
__________________________ __________ __________ __________ __________ __________ ___
size clusters free usage
-------------------------- ---------- ---------- ---------- ---------- ---------- ---
2048 1720 967 85290198
-------------------------- ---------- ---------- ---------- ---------- ---------- ---
DHCP bindings
-------------------------- ---------- ---------- ---------- ---------- ----
IP Address Type Status H/W Address Expire time
-------------------------- ---------- ---------- ---------- ---------- ----
192.168.0.100 DYNAMIC LEASED 00:0D:56:84:8F:05 2006-11-17 09:15:50
192.168.0.102 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.103 DYNAMIC LEASED 00:0A:95:C4:3F:78 2006-11-17 10:34:46
192.168.0.108 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.109 DYNAMIC LEASED 00:0F:FE:B3:30:70 2006-11-17 08:56:38
192.168.0.112 DYNAMIC LEASED 00:0D:56:84:8F:30 2006-11-17 08:25:08
192.168.0.113 DYNAMIC LEASED 00:B0:D0:3A:14:C9 2006-11-17 13:11:00
192.168.0.116 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.118 DYNAMIC LEASED 00:11:43:B2:ED:D6 2006-11-17 08:53:29
192.168.0.119 DYNAMIC LEASED 00:03:0D:1E:62:02 2006-11-17 09:50:02
192.168.0.126 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.127 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.128 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.135 DYNAMIC LEASED 00:0D:56:84:8F:39 2006-11-17 05:53:42
192.168.0.136 DYNAMIC LEASED 00:0D:56:84:8E:CC 2006-11-17 09:05:49
192.168.0.137 DYNAMIC LEASED 00:0D:56:84:8E:D8 2006-11-17 09:14:06
192.168.0.138 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.141 DYNAMIC LEASED 00:30:65:E0:27:92 2006-11-17 09:21:31
192.168.0.143 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.145 DYNAMIC LEASED 00:13:72:B4:0B:AA 2006-11-17 08:54:02
192.168.0.146 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.149 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
-------------------------- ---------- ---------- ---------- ---------- ----
Static ARP Entries: No Entries
ARP Cache entry timeout: 10 minutes
ARP Cache
----------------------ARP TABLE--------------------- ---------
entries=14 lookups=2789740 fails=8574 hits=2727936 misses=53230 hitRate=98 percent
-------------------------- ---------- ---------- ---------- -------
192.168.0.119 <-> 00:03:0D:1E:62:02 (LAN) expires in 10 mins
192.168.0.113 <-> 00:B0:D0:3A:14:C9 (LAN) expires in 10 mins
192.168.0.141 <-> 00:30:65:E0:27:92 (LAN) expires in 10 mins
192.168.0.145 <-> 00:13:72:B4:0B:AA (LAN) expires in 6 mins
192.168.0.109 <-> 00:0F:FE:B3:30:70 (LAN) expires in 9 mins
10.100.223.254 <-> 00:06:B1:2D:72:CA (WAN) is permanent published
10.100.223.1 <-> 00:0A:8A:76:64:FF (WAN) expires in 10 mins
192.168.0.118 <-> 00:11:43:B2:ED:D6 (LAN) expires in 10 mins
192.168.0.136 <-> 00:0D:56:84:8E:CC (LAN) expires in 9 mins
192.168.0.100 <-> 00:0D:56:84:8F:05 (LAN) expires in 10 mins
192.168.0.112 <-> 00:0D:56:84:8F:30 (LAN) expires in 9 mins
192.168.0.10 <-> 00:17:A4:0F:EA:99 (LAN) expires in 10 mins
192.168.0.137 <-> 00:0D:56:84:8E:D8 (LAN) expires in 9 mins
192.168.0.1 <-> 00:06:B1:2D:72:C8 (LAN) is permanent published
-------------------------- ---------- ---------- ---------- -------
---------------------NAT Policy Table--------------------
| Orig Src | Orig Dst | Orig Svc |
-------------------------- ---------- ---------- ---------- -
| Trans Src | Trans Dst | Trans Svc |
-------------------------- ---------- ---------- ---------- -
-Index: 0-Usage: 0-Priority: ff0201fa------------------ --
| 0.0.0.0 | 0.0.0.0 | 17 500 |
| 255.255.255.0 | | |
-------------------------- ---------- ---------- ---------- -
| Orig | 192.168.0.1 | Orig |
-------------------------- ---------- ---------- ---------- -
-Index: 1-Usage: 0-Priority: ff0201fa------------------ --
| 0.0.0.0 | 10.100.223.254 | 17 500 |
| 255.255.255.0 | | |
-------------------------- ---------- ---------- ---------- -
| 10.100.223.254 | 192.168.0.1 | Orig |
-------------------------- ---------- ---------- ---------- -
-Index: 2-Usage: 0-Priority: feed0224------------------ --
| 192.168.0.0 | 10.100.223.254 | 17 500 |
| 255.255.255.0 | | |
| 192.168.1.200- | | |
| 192.168.1.220 | | |
-------------------------- ---------- ---------- ---------- -
| 10.100.223.254 | 192.168.0.1 | Orig |
-------------------------- ---------- ---------- ---------- -
-Index: 3-Usage: 0-Priority: feed0224------------------ --
| 192.168.0.0 | 10.100.223.254 | 6 80 |
| 255.255.255.0 | | |
| 192.168.1.200- | | |
| 192.168.1.220 | | |
-------------------------- ---------- ---------- ---------- -
| 10.100.223.254 | 192.168.0.1 | Orig |
-------------------------- ---------- ---------- ---------- -
-Index: 4-Usage: 0-Priority: feed0224------------------ --
| 192.168.0.0 | 10.100.223.254 | 6 443 |
| 255.255.255.0 | | |
| 192.168.1.200- | | |
| 192.168.1.220 | | |
-------------------------- ---------- ---------- ---------- -
| 10.100.223.254 | 192.168.0.1 | Orig |
-------------------------- ---------- ---------- ---------- -
-Index: 5-Usage: 4-Priority: 8000fffe------------------ --
| Any | 10.100.223.254 | 17 500 |
-------------------------- ---------- ---------- ---------- -
| Orig | 192.168.0.1 | Orig |
-------------------------- ---------- ---------- ---------- -
-Index: 6-Usage: 0-Priority: 3f03fa09------------------ --
| 0.0.0.0 | 0.0.0.0 | Any |
| 255.255.255.0 | 255.255.255.0 | |
-------------------------- ---------- ---------- ---------- -
| Orig | Orig | Orig |
-------------------------- ---------- ---------- ---------- -
-Index: 7-Usage: 0-Priority: 3ef98eca------------------ --
| 0.0.0.0 | 192.168.0.0 | Any |
| 255.255.255.0 | 255.255.255.0 | |
| | 192.168.1.200- | |
| | 192.168.1.220 | |
-------------------------- ---------- ---------- ---------- -
| Orig | Orig | Orig |
-------------------------- ---------- ---------- ---------- -
-Index: 8-Usage: 0-Priority: 3ef98eca------------------ --
| 192.168.0.0 | 0.0.0.0 | Any |
| 255.255.255.0 | 255.255.255.0 | |
| 192.168.1.200- | | |
| 192.168.1.220 | | |
-------------------------- ---------- ---------- ---------- -
| Orig | Orig | Orig |
-------------------------- ---------- ---------- ---------- -
-Index: 9-Usage: 84-Priority: 3eef2544------------------ -
| 192.168.0.0 | 192.168.0.0 | Any |
| 255.255.255.0 | 255.255.255.0 | |
| 192.168.1.200- | 192.168.1.200- | |
| 192.168.1.220 | 192.168.1.220 | |
-------------------------- ---------- ---------- ---------- -
| Orig | Orig | Orig |
-------------------------- ---------- ---------- ---------- -
-Index: 10-Usage: 0-Priority: 7f03---------------------- -
| 0.0.0.0 | Any | Any |
| 255.255.255.0 | | |
-------------------------- ---------- ---------- ---------- -
| 10.100.223.254 | Orig | Orig |
-------------------------- ---------- ---------- ---------- -
-Index: 11-Usage: 56987-Priority: 7eee-------------------
| 192.168.0.0 | Any | Any |
| 255.255.255.0 | | |
| 192.168.1.200- | | |
| 192.168.1.220 | | |
-------------------------- ---------- ---------- ---------- -
| 10.100.223.254 | Orig | Orig |
-------------------------- ---------- ---------- ---------- -
-Index: 12-Usage: 11918-Priority: 0----------------------
| Any | Any | Any |
-------------------------- ---------- ---------- ---------- -
| Orig | Orig | Orig |
-------------------------- ---------- ---------- ---------- -
Memory Zone Report
Memory Zones used 15 of total 32
Zone Total Alloc'ed Free High ElemSize Fail EstInit EstIncr Overhead%
buf-16 10921 5624 5297 5677 16 0 10240 2048 33 (V1)
buf-32 818 742 76 764 32 0 1024 256 20 (V1)
buf-64 454 400 54 408 64 0 512 128 11 (V1)
buf-128 720 330 390 1055 128 0 256 128 6 (V1)
buf-256 248 88 160 97 256 0 256 128 3 (V1)
buf-512 62 19 43 26 512 0 64 64 3 (V1)
buf-1056 61 27 34 35 1056 0 64 32 1 (V1)
buf-2080 310 232 78 3681 2080 0 64 64 1 (V1)
buf-4128 31 8 23 10 4128 0 32 16 2 (V1)
buf-8224 61 45 16 47 8224 0 32 16 4 (V1)
buf-16416 15 10 5 12 16416 0 16 8 6 (V1)
buf-32800 45 39 6 40 32800 0 16 16 2 (V1)
share-16 1636 73 1563 80 16 0 256 256 20 (V2)
share-24 1169 95 1074 102 24 0 256 256 14 (V2)
share-40 744 0 744 0 40 0 256 256 9 (V2)
ChunkSize AllocFail TotalAlloc TotalDeall CurAlloc CurBytes CurCache fromCache toCache
32768 0 47 38 9 294912 2 36 38
65536 0 2 0 2 131072 0 0 0
131072 0 84 76 8 1048576 55 21 76
262144 0 3 0 3 786432 0 0 0
524288 0 3 0 3 1572864 0 0 0
1048576 0 0 0 0 0 0 0 0
Total Currently Malloc'ed of all chunks: 3833856 bytes
Total Currently Available of all chunks in cache: 7274496 bytes
MemoryZone alloc: invalid zone 0, invalid zone flags 0
MemoryZone free: invalid zone magic 0, invalid zone flags 0
MemoryZone free: null argument 0, invalid header 0, element already freed 0
MemoryZones: total created 15, total removed 0
Buffer Memory Zone Report
Zero-Size Allocation Request Count: 0
Non-Buffer-MemoryZone Use: Allocation Count 256, Deallocation Count 214, Current Balance 42
Non-Buffer-MemoryZone Allocation Size: min 40000, max 7000000
Non-Buffer-MemoryZone Allocation Failure Count: 0
Non-Tagged Deallocation Count: 0
Watchdog reboot information
09/22/2006 14:02:43.624 System Startup F:3.1.0.7-77s R: 3.1.0.2 0006B12D72C8 p: 511; b: 511
End of TSR
What errors are you getting from the client software. - NONE
Are you getting a IP address from the lan? - NO, SHOULD BE IN SONICWALL DHCP RANGE 192.168.0.100-150/24
Are you using a windows server and the sonicwall as a dhcp server? NO - SONICWALL ONLY. Can only use one or the other.
local user > Access to VPNs - TICKED
> Access from VPN client with XAUTH > check both - TICKED
> uncheck L2TP VPN - DONE
on the Users > Local Users > should show user has vpn access and client vpn access - YES
On the VPN > DHCP over VPN page the central gateway what boxes do you have checked? - CENTRAL GATEWAY, USE INTERNAL DHCP, FOR GLOBAL VPN CLIENT
On the vpn settings page > advanced check Require Authentication of VPN Clients via XAUTH and VPN Terminated at: LAN - DONE
On the client page Virtual Adapter settings: dhcp lease - DONE
Cache XAUTH User Name and Password on Client: single session - DONE
Allow Connections to: adjust the three setting and test - TRIED ALL THREE
On general page IPSec Keying Mode: ike using preshared key - IKE USING PRESHARED SECRET
NO JOY
If it does not work go to the System > Diagnostics check all 4 boxes download tsr and post here.
OK, POSTED BELOW. PLEASE FORGIVE CAPS, THANKS FOR YOUR TIME!
Status
Serial number 0006-B12D-72C8
Registration code: 2MJL4NQX
Product Code: 511; Base Product Code: 511
Board ID: 0x2
11/16/2006 14:46:39.640
SonicWALL has been up: 55 Days, 1 Hour, 43 Minutes, 25 Seconds
Firmware version: SonicOS Standard 3.1.0.7-77s
No debug symbols in firmware
restartRequired: False
Revision: 3.1.0.7-77s
ROM version 3.1.0.2
Previous firmware version: none
min firmware for this hardware: SonicOS Standard 3.1.0.7 Standard
max firmware for this hardware: 0.0.0.0
vers check err: 0
Crypto level: domestic
VPN Hardware Accelerator Detected
Processor= "SonicWALL Security Processor"
Model= TZ 170 Standard
Resource language: eng
RAM size: 64 M
Flash size: 8 M
Flash type: TC58FVM6T2A
Configured interface settings:
WAN: Auto Negotiate
LAN: Auto Negotiate
OPT: Auto Negotiate
Active interface settings:
WAN: 100 Mbps, Full Duplex
LAN: 100 Mbps, Full Duplex
OPT: No connection detected
CPU Monitor
CPU Monitor:
Current 1s CPU Utilization: 3.33%
Current 10s CPU Utilization: 9.50%
Total Average CPU Utilization: 1.35%
CPU Utilization Per Process:
# Name PC PRI Total% (secs) Curr% (secs)
--- ----------------- ---------- --- ------------- -------------
1. tNetTask 0x8035a320 50 0.50 (23627.92) 3.33 (0.03)
2. tTimerTask 0x8035a320 50 0.83 (39690.38) 0.00 (0.00)
3. tMainLogTask 0x803e41a0 50 0.01 (329.02) 0.00 (0.00)
4. tWebMain 0x8020436c 50 0.01 (305.20) 0.00 (0.00)
5. tDEACheckDEAServer 0x803c0f64 104 0.01 (280.75) 0.00 (0.00)
6. tIkeUdpTask 0x8035a320 50 0.00 (15.17) 0.00 (0.00)
7. tAlertLed 0x8035a320 40 0.00 (8.02) 0.00 (0.00)
8. tDHCP 0x8035a320 100 0.00 (6.00) 0.00 (0.00)
9. tMyArpTask 0x803e41a0 45 0.00 (4.97) 0.00 (0.00)
10. tNtp 0x803c0f64 254 0.00 (1.83) 0.00 (0.00)
11. tWdTask 0x803c0f64 8 0.00 (0.35) 0.00 (0.00)
12. tExcTask 0x803e41a0 0 0.00 (0.12) 0.00 (0.00)
13. tGSCLiveCheck 0x803c0f64 103 0.00 (0.07) 0.00 (0.00)
14. tIkeMsgTask 0x803e41a0 50 0.00 (0.05) 0.00 (0.00)
15. tDcacheUpd 0x803c0f64 250 0.00 (0.05) 0.00 (0.00)
16. tCLI 0x8035a320 10 0.00 (0.02) 0.00 (0.00)
17. tSwSnmpTrapd 0x803e41a0 50 0.00 (0.02) 0.00 (0.00)
18. tWebListenS 0x8035a320 50 0.00 (0.00) 0.00 (0.00)
19. tSysMonitor 0x803c0f64 10 0.00 (0.00) 0.00 (0.00)
20. tTmrTask 0x803c0f64 15 0.00 (0.00) 0.00 (0.00)
21. tWdRbTask 0x8035a320 8 0.00 (0.00) 0.00 (0.00)
22. tDHCPC 0x803e41a0 100 0.00 (0.00) 0.00 (0.00)
23. tDHCPrefresh 0x803e41a0 101 0.00 (0.00) 0.00 (0.00)
24. wpTtReader 0x803e41a0 8 0.00 (0.00) 0.00 (0.00)
25. tLogTask 0x803e41a0 0 0.00 (0.00) 0.00 (0.00)
26. tCRL 0x8035a320 128 0.00 (0.00) 0.00 (0.00)
27. tL2tpServerTask 0x8035a320 130 0.00 (0.00) 0.00 (0.00)
28. tSnmpd 0x8035a320 150 0.00 (0.00) 0.00 (0.00)
29. tDhcprGarbage 0x803e41a0 150 0.00 (0.00) 0.00 (0.00)
30. tRandSeedTask 0x803c0f64 200 0.00 (0.00) 0.00 (0.00)
31. tChkCable 0x803c0f64 200 0.00 (0.00) 0.00 (0.00)
32. tSnmpTmr 0x803e41a0 200 0.00 (0.00) 0.00 (0.00)
33. tTODTask 0x803c0f64 200 0.00 (0.00) 0.00 (0.00)
34. tDDNSS 0x8035a320 225 0.00 (0.00) 0.00 (0.00)
35. tResetSwitch 0x803c0f64 245 0.00 (0.00) 0.00 (0.00)
36. tMzZgc 0x803c0f64 250 0.00 (0.00) 0.00 (0.00)
37. tWebMainS 0x8035a320 50 0.00 (0.00) 0.00 (0.00)
38. tIpFragClean 0x803c0f64 55 0.00 (0.00) 0.00 (0.00)
Task Total 1.35 (64269.92) 3.33 (0.03)
Idle 98.65 (4693866.00) 96.67 (0.97)
System 0.00 (54.45) 0.00 (0.00)
CPU Utilization History for Last Minute (60 seconds ago --> now):
2,0,2,0,8,13,53,100,100,10
CPU Utilization History for Last Hour (60 minutes ago --> now):
5,2,2,2,2,2,3,2,2,7,5,5,7,
CPU Utilization History for Last Day (24 hours ago --> now):
0,2,2,2,0,0,0,0,0,0,0,0,0,
CPU Utilization History for Last Month (30 days ago --> now):
0,0,0,0,0,0,0,0,0,0,0,0,0,
Process Monitor
Process List:
# Name PRI STATUS PC StackPtr Size Curr Margin TaskId
--- ----------------- --- -------- -------- -------- ----- ----- ------- -------
1. tLogTask 0 PEND 803e41a0 83fe0b08 4992 264 4672 83fe0c10
2. tExcTask 0 PEND 803e41a0 83fe3638 7984 264 7552 83fe3740
3. tWdRbTask 8 PEND 8035a320 821b0cb0 992 96 632 821b0d10
4. wpTtReader 8 PEND 803e41a0 83feaf20 3984 400 3528 83feb0b0
5. tWdTask 8 DELAY 803c0f64 821b2df0 7984 128 6776 821b2e70
6. tSysMonitor 10 DELAY 803c0f64 83973198 4080 120 3448 83973210
7. tCLI 10 PEND 8035a320 821ac8f0 19984 528 18496 821acb00
8. tTmrTask 15 DELAY 803c0f64 83686b70 29984 112 29752 83686be0
9. tAlertLed 40 PEND 8035a320 83842530 3984 128 3664 838425b0
10. tMyArpTask 45 PEND 803e41a0 83869db8 3984 344 3056 83869f10
11. tNetTask 50 READY 8035a320 83eeb840 19984 176 15912 83eeb8f0
12. tTimerTask 50 PEND 8035a320 83873a40 32752 96 31216 83873aa0
13. tMainLogTask 50 PEND 803e41a0 838460b8 10224 312 5840 838461f0
14. tIkeUdpTask 50 PEND 8035a320 83fe9c78 8176 632 2048 83fe9ef0
15. tSwSnmpTrapd 50 PEND 803e41a0 821b70a8 8176 280 7776 821b71c0
16. tIkeMsgTask 50 PEND 803e41a0 8216f930 8176 336 4000 8216fa80
17. tWebMain 50 READY 803c8950 83697060 29984 3888 17504 83697f90
18. tWebListenS 50 PEND 8035a320 836049b0 19984 368 19368 83604b20
19. tWebMainS 50 PEND 8035a320 8360c1b0 29984 192 29736 8360c270
20. tIpFragClean 55 DELAY 803c0f64 83868708 4080 136 3824 83868790
21. tDHCP 100 PEND 8035a320 835ff888 9984 600 6464 835ffae0
22. tDHCPC 100 PEND 803e41a0 8367f388 9984 264 9664 8367f490
23. tDHCPrefresh 101 PEND+T 803e41a0 835fd0d8 2496 216 2160 835fd1b0
24. tGSCLiveCheck 103 DELAY 803c0f64 820d9cd0 9984 192 8336 820d9d90
25. tDEACheckDEAServer 104 DELAY 803c0f64 820eaaa8 49968 120 43256 820eab20
26. tCRL 128 PEND 8035a320 83613408 9312 168 8776 836134b0
27. tL2tpServerTask 130 PEND 8035a320 82109ab0 19984 432 17712 82109c60
28. tDhcprGarbage 150 PEND+T 803e41a0 8210bcc0 7984 256 7672 8210bdc0
29. tSnmpd 150 PEND 8035a320 83b55648 28656 2776 25824 83b56120
30. tRandSeedTask 200 DELAY 803c0f64 838667d0 3984 112 3752 83866840
31. tSnmpTmr 200 PEND 803e41a0 83b571b0 4080 400 3624 83b57340
32. tChkCable 200 DELAY 803c0f64 83b58b18 4080 136 3744 83b58ba0
33. tTODTask 200 DELAY 803c0f64 83843730 3984 112 3704 838437a0
34. tDDNSS 225 PEND 8035a320 821aebe8 7984 120 7784 821aec60
35. tResetSwitch 245 DELAY 803c0f64 83fe5f68 4080 136 3824 83fe5ff0
36. tDcacheUpd 250 READY 803c0f64 83fefbb8 4992 152 4696 83fefc50
37. tMzZgc 250 DELAY 803c0f64 83b4d200 4080 112 3728 83b4d270
38. tNtp 254 DELAY 803c0f64 8367ca60 14992 256 11440 8367cb60
Diagnostic
PB version = 119
registered = 1
Upgrade Level = 165
Watch Dog on = 1
ARP bridge on = 1
Clear DF (Don't Fragment) bit = 0
SYN Flood Prevention = 1
SYN Flood Prevention in Watch mode = 1
Don't Restart for Watchdog Task = 0
Use Ipsec Hardware In = 1
Use Ipsec Hardware Out = 1
Trace message level: Warning
HTTP/HTTPS Management via the WAN disabled
Product
Product Code Value: 511
Language: eng
Short Model Name: TZ 170 Standard
Max SAs Allowed: 10
Max Connections: 6144
Connection Hash Size: 6143
Max Connections when using GAV/IPS: 6144
Connection Hash Size using GAV/IPS: 6143
Max Connected Users: 25
Max Local Users: 100
Max User Logins: 150
Max Firewall Rules: 100
HA Groupings: haGroupNone
VPN: UPGRADED, available
HA: NONE
Viewpoint: UPGRADED, available
One Arm Mode: UPGRADED, available
RIP Advertisement: UPGRADED, available
Web Pool Size: 1200
Max IFP Cache Size: 3072
Ethernet Loaner Buffers: 220
Max Queued Pkts: 220
Max Bwmgmt Rules: 20
Interface Names WAN/LAN/OPT
Modem Failover: No
Minimum Firmware Version: c000
Maximum Firmware Version: 0
ManyToOneOn: 1
AES Supported: 1
Fips140: 0
DHCPS Ranges: 255
DHCPS Leases: 1024
Enh Upgrade Code: 611
GMS firmware image name prefix: sw_tz170_s_eng_
maxIPSTCPConnections: 6144
maxGAVConnections: 6144
maxGAVConcurrentCompressed
maxIPS576ByteBuffers: 1000
maxIPS1500ByteBuffers: 1000
Update
Auto Update
fwauParamsShow parameter values:
autoUpdateEnabled: 1
fwNoticeVersion:
fwCurrentStatus: upToDate
fwUpdateVersion:
fwUpdateUrl:
fwRelnotesUrl:
fwUpdateImageSize: 0
fwUpdateImageHash:
updateCheckLastTimeStamp 09/23/2006 08:44:00.560
updateCheckSuccessLastTime
updateGetLastTimeStamp 01/00/1900 00:00:00.000
updateGetSuccessLastTimeSt
GST(strFirmwareAutoCheckSe
GST(strFirmwareAutoCheckUr
notice.notifyFirmwareChang
notice.releaseNotesVers: D100
Firmware update lookup at 9:44
Network
Network mode: NAT Enabled
LAN IP = 192.168.0.1
LAN Subnet Mask = 255.255.255.0
WAN/NAT public IP = 10.100.223.254
WAN Subnet Mask = 255.255.255.0
WAN Gateway = 10.100.223.1
Nat M21: 1
DNS Server1 = 192.168.0.10
DNS Server2 = 10.100.1.40
DNS Server3 = 0.0.0.0
cacheTimeout = 15
httpProxyName = ''
httpProxyPort = 0
Bypass Proxy server upon failure = 0
Forward OPT Client Requests to proxy server = 0
NetBIOS LAN->OPT = 1
NetBIOS OPT->WAN = 0
NetBIOS OPT->LAN = 1
NetBIOS LAN->WAN = 0
Stealth Mode = 0
Randomize IP ID = 0
IP Spoof Checking = 1
Enable IP Header checksum validation = 0
Enable TCP checksum validation = 0
Enable UDP checksum validation = 0
Enable ICMP checksum validation = 0
OPT in NAT Mode
OPT IP = 0.0.0.0
OPT Subnet = 255.255.255.0
OPT Many to One Public IP = 0.0.0.0
Intranet Mode: No Ranges
Number of Intranet Ranges 0
Number of LAN Subnets 0
NAT 121: 0, num1To1Ranges=0
Routing Table:
Internal Routing Tree:
Routes currently in router
network mask (or range) gateway address gateway interface
0.0.0.0 0.0.0.0 10.100.223.1 WAN
10.100.223.0 255.255.255.0 0.0.0.0 WAN
10.100.223.1 255.255.255.255 0.0.0.0 WAN
10.100.223.254 255.255.255.255 0.0.0.0 LAN/OPT
192.168.0.0 255.255.255.0 0.0.0.0 LAN
192.168.0.1 255.255.255.255 0.0.0.0 LAN
255.255.255.255 255.255.255.255 0.0.0.0 LAN
LAN RIP Settings:
RIP Advertisement Disabled
OPT RIP Settings:
RIP Advertisement Disabled
RIP dynamic memory usage -- current: 0 bytes high: 0 bytes
Ethernet
Proxy Router Enet = 0
Router Enet: 00 00 00 00 00 00
ProxyPcMacOnWan = 0
PcMacAddrForWan: 00 00 00 00 00 00
Unique Mac Addrs = 1
WAN MAC: 00 06 B1 2D 72 CA
LAN MAC: 00 06 B1 2D 72 C8
OPT MAC: 00 06 B1 2D 72 C9
Fragment outbound packets larger than WAN MTU: 1
WAN MTU: 1500
CP Wan MTU: 1500
WAN Ignore DF Bit for non-VPN traffic: 1
Bandwidth Management WAN: enabled: 0, available 20.000
Services
1, Any, 65535-65535, IP Type 255, logging
2, Authentication, 113-113, TCP, logging
3, Chat (IRC), 194-194, TCP, logging
4, Chat (IRC), 6666-6666, TCP, logging
5, Chat (IRC), 6667-6667, TCP, logging
6, Chat (IRC), 6668-6668, TCP, logging
7, Chat (IRC), 6669-6669, TCP, logging
8, Chat (IRC), 6670-6670, TCP, logging
9, Chat (IRC), 7000-7000, TCP, logging
10, Citrix, 1494-1494, TCP, logging
11, Citrix, 1604-1604, UDP, logging
12, Echo, 7-7, TCP, logging
13, Echo, 7-7, UDP, logging
14, Enhanced TV, 9000-9000, TCP, logging
15, File Transfer (FTP), 21-21, TCP, logging
16, Filemaker, 5003-5003, TCP, logging
17, Filemaker, 5003-5003, UDP, logging
18, Gatekeeper (H323), 1718-1718, UDP, logging
19, Gatekeeper (H323), 1719-1719, UDP, logging
20, Gopher, 70-70, TCP, logging
21, HTTPS, 443-443, TCP, logging
22, IMAP3, 220-220, TCP, logging
23, IMAP4, 143-143, TCP, logging
24, IPSec (ESP), 0-0, IP Type 50, logging
25, Kerberos, 88-88, TCP, logging
26, Kerberos, 88-88, UDP, logging
27, Key Exchange (IKE), 500-500, UDP, logging
28, LDAP, 389-389, TCP, logging
29, Lotus Notes, 1352-1352, TCP, logging
30, Name Service (DNS), 53-53, TCP, logging
31, Name Service (DNS), 53-53, UDP, logging
32, NetBios, 137-137, TCP, logging
33, NetBios, 137-137, UDP, logging
34, NetBios, 138-138, TCP, logging
35, NetBios, 138-138, UDP, logging
36, NetBios, 139-139, TCP, logging
37, NetBios, 139-139, UDP, logging
38, News (NNTP), 119-119, TCP, logging
39, NFS, 2049-2049, TCP, logging
40, NFS, 2049-2049, UDP, logging
41, NTP, 123-123, UDP, logging
42, PC Anywhere, 5631-5631, TCP, logging
43, PC Anywhere, 5632-5632, UDP, logging
44, Ping, 8-8, ICMP, logging
45, Ping, 0-0, ICMP, logging
46, PPTP, 1723-1723, TCP, logging
47, Quicktime, 554-554, TCP, logging
48, RealAudio, 7070-7070, TCP, logging
49, Retrieve E-Mail (POP3), 110-110, TCP, logging
50, Send E-Mail (SMTP), 25-25, TCP, logging
51, SIP, 5060-5060, UDP, logging
52, SNMP, 161-161, UDP, logging
53, SNMP, 162-162, UDP, logging
54, SSH, 22-22, TCP, logging
55, Syslog, 514-514, TCP, logging
56, Syslog, 514-514, UDP, logging
57, Telnet, 23-23, TCP, logging
58, Terminal Services, 3389-3389, TCP, logging
59, Terminal Services, 3389-3389, UDP, logging
60, TFTP, 69-69, UDP, logging
61, Timbuktu, 407-407, TCP, logging
62, Timbuktu, 407-407, UDP, logging
63, Timbuktu, 1417-1417, TCP, logging
64, Timbuktu, 1418-1418, TCP, logging
65, Timbuktu, 1419-1419, TCP, logging
66, Timbuktu, 1419-1419, UDP, logging
67, Timbuktu, 1420-1420, TCP, logging
68, Unix Printer (LPR), 515-515, TCP, logging
69, Video Conference (H323), 1720-1720, TCP, logging
70, Web (HTTP), 80-80, TCP, logging
71, WGS External Authentication, 4043-4043, TCP, logging
72, Whiteboard (T120), 1503-1503, TCP, logging
73, NT Domain Login, 135-135, TCP, logging
74, NT Domain Login, 137-137, TCP, logging
75, NT Domain Login, 137-137, UDP, logging
76, NT Domain Login, 138-138, TCP, logging
77, NT Domain Login, 138-138, UDP, logging
78, NT Domain Login, 139-139, TCP, logging
79, NT Domain Login, 139-139, UDP, logging
80, NT Domain Login, 389-389, TCP, logging
81, NT Domain Login, 88-88, TCP, logging
82, NT Domain Login, 88-88, UDP, logging
83, NT Domain Login, 1025-1025, TCP, logging
84, ShoreTel Call Control, 5440-5440, UDP, logging
85, ShoreTel Call Control, 5441-5441, UDP, logging
86, ShoreTel Call Control, 5442-5442, UDP, logging
87, ShoreTel Call Control, 5443-5443, UDP, logging
88, ShoreTel Call Control, 5444-5444, UDP, logging
89, ShoreTel Call Control, 5445-5445, UDP, logging
90, ShoreTel Call Control, 5446-5446, UDP, logging
91, ShoreTel RTP, 5004-5004, UDP, logging
92, ShoreTel IP Phone Control, 2427-2427, UDP, logging
93, ShoreTel IP Phone Control, 2727-2727, UDP, logging
94, Tivo TCP Beacon, 2190-2190, TCP, logging
95, Tivo UDP Beacon, 2190-2190, UDP, logging
96, Tivo TCP Data, 8080-8080, TCP, logging
97, Tivo TCP Data, 8081-8081, TCP, logging
98, Tivo TCP Data, 8082-8082, TCP, logging
99, Tivo TCP Data, 8083-8083, TCP, logging
100, Tivo TCP Data, 8084-8084, TCP, logging
101, Tivo TCP Data, 8085-8085, TCP, logging
102, Tivo TCP Data, 8086-8086, TCP, logging
103, Tivo TCP Data, 8087-8087, TCP, logging
104, Tivo TCP Data, 8089-8089, TCP, logging
105, Tivo TCP Desktop, 8101-8101, TCP, logging
106, Tivo TCP Desktop, 8102-8102, TCP, logging
107, Tivo TCP Desktop, 8200-8200, TCP, logging
108, HTTP Management, 80-80, mgmt, TCP, not logging
109, HTTPS Management, 443-443, mgmt, TCP, not logging
Rules
1, priority 1, HTTPS Management, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 LAN
dst IP 192.168.0.1-192.168.0.1 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added y, for remote access n, auto-added mgmt y, timeout 15
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Auto-added management rule
2, priority 2, HTTP Management, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 LAN
dst IP 192.168.0.1-192.168.0.1 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added y, for remote access n, auto-added mgmt y, timeout 15
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Auto-added management rule
3, priority 3, Key Exchange (IKE), Allow, Enabled
src IP 0.0.0.0-255.255.255.255 ANY
dst IP 192.168.0.1-192.168.0.1 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable y, auto-added y, for remote access n, auto-added mgmt n, timeout 15
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Auto-added inbound IKE rule
4, priority 4, Key Exchange (IKE), Allow, Enabled
src IP 192.168.0.1-192.168.0.1 LAN
dst IP 0.0.0.0-255.255.255.255 ANY
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable y, auto-added y, for remote access n, auto-added mgmt n, timeout 15
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Auto-added outbound IKE rule
5, priority 5, NetBios, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 OPT
dst IP 0.0.0.0-255.255.255.255 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added y, for remote access n, auto-added mgmt n, timeout 15
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Windows Networking Support
6, priority 6, Kerberos, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 OPT
dst IP 0.0.0.0-255.255.255.255 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added y, for remote access n, auto-added mgmt n, timeout 15
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment: Windows Networking Support
7, priority 7, Any, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 OPT
dst IP 0.0.0.0-255.255.255.255 WAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 15
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
8, priority 8, Any, Deny, Enabled
src IP 0.0.0.0-255.255.255.255 WAN
dst IP 0.0.0.0-255.255.255.255 OPT
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 15
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
9, priority 9, Any, Allow, Enabled
src IP 0.0.0.0-255.255.255.255 LAN
dst IP 0.0.0.0-255.255.255.255 ANY
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 5
allow fragments 1
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
10, priority 10, Any, Deny, Enabled
src IP 0.0.0.0-255.255.255.255 ANY
dst IP 0.0.0.0-255.255.255.255 LAN
timed 0, 0:00 - 0:00, Sun to Sun
nonDeletable n, auto-added n, for remote access n, auto-added mgmt n, timeout 15
allow fragments 0
bandwidth mgmt: enabled 0 guaranteed 0.000 maximum 0.000 priority 0
Comment:
Enable support for Oracle (SQLNet) is on
MSN
Enable support for Windows Messenger is on
SIP
Enable consistent NAT is off
Enable SIP Transformations is off
Permit non-SIP packets on signaling port is off
SIP Signaling inactivity time out is 1800
SIP Media inactivity time out is 120
Additional SIP signaling port is 0
Maximum VoIP Endpoints is 2048
SIP Endpoints
Contact Initiator Responder Life Bandwidth User-ID
--------------------- --------------------- --------------------- ------ ---------- -------
SIP Users: 0
SIP Calls
Endpoints Bandwidth Used Call-ID
--------- -------------- -------
SIP Calls: 0
H.323
Enable H.323 Transformations is on
Only accept incoming calls from Gatekeeper is off
Enable LDAP ILS Support is off
H.323 Signaling/Media inactivity time out is 300
Default WAN/OPT Gatekeeper IP Address is 0.0.0.0
Maximum VoIP Endpoints is 2048
H.323 Counters:
70 *PACKET_IN_ERROR 1566
367 *INIT_DONE 1
H.323 RAS Endpoints
Endpoint Gatekeeper Call Signal Call Signal (Remap) Relax TTL Tx (Bytes) Rx (Bytes) User-ID
--------------------- --------------------- --------------------- --------------------- ----- ----- ---------- ---------- -------
H.323 RAS Users: 0
H.323 Calls
From To Bandwidth Used
---- -- --------------
H.323 Calls: 0
RTSP
Enable RTSP Transformations is on
gEnableRtspSupport : 1 rtsp_debug : 0
gRtspStatefulEnable : 1 gRtspMaxRetransmit : 4
gRtspTcpMaxWindowOos : 11680 gRtspTcpMaxWindowRetransmi
gRtspTcpDropped : 1566 gRtspTcpDroppedOos : 850
gRtspTcpDroppedDuplicate : 715 gRtspTcpResyncOos : 34210
gRtspUdpMaxWindow : 1024 gRtspUdpDropped : 44966
gRtspUdpRtpDroppedSmallerW
gRtspUdpRtcpDroppedPacketT
gRtspUdpCacheLastDrop : 0x8379FABC gRtspUdpWindowSkip : 10
gRtspUdpDropSkip : 0
gRtspDecodeNotC2SCommand : 8312 gRtspDecodeNotS2CResponse : 1006002
gRtspDecodeErrC2SCommand : 1 gRtspDecodeErrS2CResponse : 950
gRtspDecodeErrHeaderGet : 0 gRtspDecodeErrHeaderModify
Drop source routed IP packets is on
Users
Max local users 100, currently 2 configured
Max user logins 150
User Authentication Method = Local
User Inactivity = 5
Max User Login Time = 30
Administrator Name = admin
Administrator Timeout = 5
Allow only auth users to Internet = 0
Services to bypass Internet auth: Name Service (DNS),Name Service (DNS),Key Exchange (IKE)
URLs to bypass access rule auth:
Services to bypass VPN auth:
Enable user lockout on login failure: no
- Lock out user after 5 failed attempts in 1 minute
- Lock out user for 5 minutes
Acceptable use policy:
'(null)'
- Enable on LAN login: yes
- Enable on WAN login: no
- Enable on DMZ login: yes
- Enable on VPN login: no
- Window size: 460 x 310
- Window scrollbars: yes
Users:
1, administrator, Bypass-Filter=0, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
2, Granite, Bypass-Filter=1, VPN Access=1,
L2TP Access=0, VPN XAUTH Client=1, Ltd Mgmt=1
Users currently connected
Addr 192.168.0.10, flags 0x22
User admin logged in, max session 0 mins
Privs: Bypass-Filter=0, VPN Access=1,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
session 135 secs, inactivity 0 secs, status fetch 0 secs
------
Authenticating client connections:
Addr 212.183.136.195, flags 0xC2
VPN Client (212.183.136.195) sessId=0x83ade7e0 user Granite logged in
Privs: Bypass-Filter=1, VPN Access=1,
L2TP Access=0, VPN XAUTH Client=1, Ltd Mgmt=1
session 45 secs, inactivity 0 secs, status fetch 0 secs
------
User IP Tree: Total free entries: 100, currently free 98
User IP Logn: Total free entries: 10, currently free 10
User IP Url: Total free entries: 10, currently free 10
User IP Sess: Total free entries: 100, currently free 100
Cache hits: 0.01%
Management
HTTP Management: 1
HTTP Management Port: 80
HTTPS Management: 1
HTTPS Management Port: 443
Https Cert name: Use Selfsigned Certificate
Certificate Common Name: 192.168.168.168
Additional Management: None
SNMP
SNMP Disabled
System Name:
System Contact:
System Location:
Get Community Name: public
Trap Community Name:
Host 1:
Host 2:
Host 3:
Host 4:
SGMS Host :
SGMS Host Trap Port = 162
Standby SGMS Host:
Standby SGMS Host Trap Port = 162
Content Filtering
Content Filter Type: CFS
Apply Content Filter on:
: LAN: 1
: OPT: 1
Restrict WEB Features:
ActiveX: 0
Java: 0
Cookies: 0
WebProxy: 0
Known Fraudulent Certificates: 0
Don't block Java/ActiveX/Cookies to Trusted Domains: 0
Custom List: Trusted Sites
number of trusted URLs 0
webBlockMsg: This site is blocked by the SonicWALL Content Filter Service.
webPoolSize = 1200
wtHighWater = 163
SonicWALL Content Filter
block custom URLs: 1
allowOnlyAllowedDomains: 0
blockURLKeywords: 1
Custom List: Allowed Sites
num allowed URLs 0
Custom List: Forbidden Sites
num forbidden URLs 0
Custom List: Forbidden Keywords
num keywords 0
TOD always-on: 1
from 08:00 to 18:00
from Mon to Fri
Consent Page
aup.showPolicyPage: 0
aup.activityTimeout: 0
aup.policyURLAdults:
aup.policyURLKids:
aup.acceptedURL:
aup.acceptedWithFilterURL:
filtered IP addresses:
none
CFS Filter
Blocked Categories:
none
Server Address = webcfs02.global.sonicwall.
Block On Fail = 1
Failed Timeout = 5
Block Blocked Sites = 1
Log Blocked Sites = 1
URL Cache Size = 3072 KB
mode1 = 1
Timeout1 = 1
Timeout2 = 0
mode2 = 1
mode4 = 3
Server Ready = 1
Server Status Code = 0
Allocated cache: 3120024 bytes
Subscription Expires On 11/14/2007
N2H2 Content Filter
Server Address =
Listen Port = 4005
Replay Port = 4005
User Name:
Block On Fail = 1
Failed Timeout = 5
Block Blocked Sites = 1
Log Blocked Sites = 0
URL Cache Size = 50 KB
Server Ready = 0
Server Status Code = 0
Websense Enterprise Content Filter
Server Address =
Server Port = 15868
User Name:
Block On Fail = 1
Failed Timeout = 5
URL Cache Size = 50 KB
Server Ready = 0
licenseCount = 0
Server Status Code = 0
Email Filtering
E-Mail Filtering Service is ACTIVATED
Mail Attachment Filtering Alert Service is enabled
MAFiA Timestamp = UTC 05/02/2005 13:46:01.000
File List:
num forbidden files 48
filename 1: _passwort-info.zip
filename 2: account_info.zip
filename 3: all users.exe
filename 4: autoemail-text.zip
filename 5: card.exe
filename 6: command.exe
filename 7: creditcard.bat
filename 8: creditcard.zip
filename 9: details.zip
filename 10: docs.exe
filename 11: document003.pif
filename 12: fifa_info-text.zip
filename 13: hot girl.scr
filename 14: hotmailpass.exe
filename 15: inf.exe
filename 16: internet file.exe
filename 17: list.txt.scr
filename 18: lol.zip
filename 19: mail.zip
filename 20: mail_info.zip
filename 21: message.zip
filename 22: monica-bellucci.jpg.vbs
filename 23: movie_0074.mpeg.pif
filename 24: nav32.zip
filename 25: notes.zip
filename 26: okticket-info.zip
filename 27: our_secret.zip
filename 28: p.exe
filename 29: part1.zip
filename 30: patch.exe
filename 31: paypal.asp.scr
filename 32: paypal.zip
filename 33: photo.zip
filename 34: searchurl.exe
filename 35: sh.scr
filename 36: shell.exe
filename 37: system.exe
filename 38: system32.exe
filename 39: system64.pif
filename 40: textfile.zip
filename 41: untitled1.pif
filename 42: usa.scr
filename 43: vpf.zip
filename 44: website.zip
filename 45: wendy.zip
filename 46: www.paypal.com.scr
filename 47: xerox-update.exe
filename 48: xxxpic.exe
Subject List:
num forbidden files 2
filename 1: i love you
filename 2: this is a virus
Forbidden Attachment Option: Disable forbidden file by altering the file extension
Warning Message Text: The attachment to your E-mail has been disabled by the SonicWALL Virus Filter. See your network administrator for details.
Logging
smtpServerName = ''
Log email:
Alert email:
Firewall Name: 0006B12D72C8
logEmailFreq: only when full
Day Of Week Sun, Time Of Day 0
Auxillary Syslog Servers(Address:Port)
Syslog Format: Default
Syslog Individual Event Rate: 60
Rate Limiting:
Event Limiting: Disabled, Threshold: 50 events/second
Syslog Output Limiting: Disabled, Threshold: 10000 bytes/second
Log Mask:
System Maintenance: 1
Attacks: 1
System Errors: 1
Dropped TCP: 1
Blocked Web Sites: 1
Dropped UDP: 1
Blocked Java etc: 1
Dropped ICMP: 1
User Activity: 1
Network Debug: 0
VPN TCP Stats: 0
Denied LAN IP: 0
Alert Mask:
Attacks: 1
System Errors: 1
Blocked Web Sites: 0
VPN Tunnel Status: 0
collectReportData = 0
ViewPoint: Upgraded
Message Queue Statistics:
Max Queue Size: 84
Queue Overflows: 0
PPPOE Client
Disabled
Disconnected
Obtain an IP Address automatically
Static IP address = 0.0.0.0
User Name:
Password: None
Inactivity Timeout Disabled
Inactivity Time 10 minutes
L2TP Client
Disabled
Disconnected
Obtain an IP address using DHCP
L2TP Host Name
L2TP Server IP Address = 0.0.0.0
User Name:
Password: None
Traffic inactivity time out Disabled
Inactivity Time 10 minutes
L2TP Gateway Address = 0.0.0.0
L2TP SonicWALL IP Address = 0.0.0.0
L2TP DNS Server1 = 0.0.0.0
L2TP DNS Server2 = 0.0.0.0
PPTP Client
Disabled
Disconnected
Obtain an IP address using DHCP
PPTP Client Host Name
PPTP Server IP Address = 0.0.0.0
User Name:
Password: None
Traffic inactivity time out Disabled
Inactivity Time 10 minutes
PPTP Gateway Address = 0.0.0.0
PPTP SonicWALL IP Address = 0.0.0.0
PPTP DNS Server1 = 0.0.0.0
PPTP DNS Server2 = 0.0.0.0
DHCP Client
active=0
DHCP Server ID = 0.0.0.0
Lease Origin=0
Lease Duration=0
DNS Server1 = 0.0.0.0
DNS Server2 = 0.0.0.0
DNS Server3 = 0.0.0.0
Domain Name = ""
Host Name = ""
DHCP Server
Enable DHCP = 1
Allow DHCP Pass Through = 0
Pool Entry 0
Flags = IS_ACTIVE DYNAMIC PROPAGATE_DNS_SETTINGS
Lease Period = 1440 minutes
Range Start = 192.168.0.100
Range End = 192.168.0.150
Interface = LAN
Default Gateway = 192.168.0.1
Subnet Mask = 255.255.255.0
Domain Name = (null)
DNS Servers = 192.168.0.10 10.100.1.40
WINS Servers =
Current leases: 22
Available Dynamic: 29
Available Static: 0
Total: 51
IPSec
vpnFeaturesOn 1
IPSec enabled on
firewall identifier: '0006B12D72C8'
VPN Netbios disabled
Fragmented Packet Handling enabled
Ignore DF (Don't Fragment) Bit enabled
Clean up Active tunnels when Peer Gw DNS name resolves to a different IP Address: enabled
Nat traversal enabled
IKE Dead-Peer-Detection(DPD) enabled, Interval 60, Threshold 3
IKE Keep Alive interval (seconds) 240
VPN Single Armed mode disabled
Override default VPN tunnel for mgmt traffic disabled
Bandwidth Management VPN: enabled: 0, guaranteed 0.000, max 0.000, priority 0
Send VPN tunnel traps only when tunnel status changes disabled
SA limit, including Group SA: 11
--- SA 1 ---
name "GroupVPN", enabled,
Phase 1 Exchange: Aggressive Mode
Phase 1: DHGroupID 2, Encrypt/Auth - 3DES SHA1
Phase 2: DHGroupID 1, Encrypt/Auth - ESP 3DES HMAC SHA1
Key Exchange: IKE with Preshared secret
VPN Terminated at: LAN
xauth on, netbios off, PFS off
ApplyNatAndRules off, ForwardPacketsToRemoteVPNs
KeepAlive off (Try-all off), CentralDhcpTunnel on
IKE SA Life time (secs) = 28800
Ipsec SA Life time (secs) = 28800
Authentication of local users off, Authentication of remote users off
gw 0.0.0.0
secondary gw 0.0.0.0
Default LAN gateway 0.0.0.0
Pre-shared Key len 16, val=F5E0530CFA1C3FE8
GroupVPN Client Settings:
User Name and Password Caching:
XAUTH User Authentication is Required
Cache XAUTH User Name and Password on Client: Single Session
Client Connections:
Virtual Adapter Settings: DHCP Lease
Allow Connections to Split Tunnels
Set Default Route as this Gateway is Not Selected
Personal Firewall on Client Machine is Not Required
Client Initial Provisioning:
Use Default Key for Simple Client Provisioning is Not Selected
IPSec Memory Usage:
Max SAs: 11
Master policy db, main array: 1232 bytes
Master policy db, SA names: 1 8 bytes
Master policy db, gw names: 0 0 bytes
Master policy db, crypto keys: 1 16 bytes
Master policy db, auth keys: 0 0 bytes
Master policy db, ph1 xforms: 1 4 bytes
Master policy db, ph2 xforms: 1 5 bytes
Master policy db, dest nets: 0 0 bytes
Master policy db, certs: 0 0 bytes
Master policy db, total: 1265 bytes
Total SAs: 1
Total IKE SAs: 1
IKE policy db, IKEInfos: 0 0 bytes
IKE policy db, IPSECPREFs: 0 0 bytes
IKE phase 1 Prefs, basic: 0 0 bytes
IKE phase 1 Prefs, transforms: 0 0 bytes
IKE phase 1 Prefs, rem ids: 0 0 bytes
IKE phase 1 Prefs, certs: 0 0 bytes
IKE phase 1 Prefs, total: 0 bytes
L2TP Server
Enabled
L2TP Keep alive time (secs) 60
DNS Server 1 = 192.168.0.10
DNS Server 2 = 193.38.113.3
WINS Server 1 = 194.117.157.4
WINS Server 2 = 0.0.0.0
Use the Local L2TP IP pool
Start IP = 192.168.1.200
End IP = 192.168.1.220
PKI:
admin certificate unactive
Admin CRL Download Scheduled = -1
User CRL Download Scheduled = -1
Admin CRL number downloaded = 0
User CRL number downloaded = 0
Third Party Certificates:
CA Certificates number imported = 0
Local Certificates number imported = 0
Certificate Signing Requests number pending = 0
RADIUS
retry count: 3, server timeout: 5
---server 1---
IPort Number = 1812
IP Address/name =
Shared Secret =
---server 2---
IPort Number = 1812
IP Address/name =
Shared Secret =
Global RADIUS user privs: Bypass-Filter=0, VPN Access=0,
L2TP Access=0, VPN XAUTH Client=0, Ltd Mgmt=0
Anti-Virus
Upgrade Status: Upgrade Required
avEnable = Disabled
avReduceTraffic = Disabled
downloadUrl =
avEncryptKey = 6b18571e39e7b2596ccd6f5d6f
daysToForceUpdate = 5
lowRiskAlert = Off
mediumRiskAlert = On
highRiskAlert = On
avLicenseCount = 0
avExpire = UTC 10/01/2004 00:00:00.000
avLowRiskAlertTimestamp = UTC 06/06/2001 04:14:00.000
avMediumRiskAlertTimestamp
avHighRiskAlertTimestamp = UTC 08/17/2005 00:49:06.000
policeOPT = Off
Disable policing from LAN to OPT = Off
Range Mode = Police All
Global security client Info:
policyGSCversion = 0
policyID = 6363636363636363f9393454ba
gscDownloadUrl = https://policymanager.sonicwall.com/ECA/GSC.msi
listSize = 225
licenseCount = 125
numActiveClients = 0
IP addr UP to date Last Replied First Ping Policy Version Num Pings
--------------- ----------------- -------------- -------------- --------------- ---------
--------------------------
IDP is Activated
IDP is NOT Enabled
IDP Reassembly is NOT Enabled
Signature database is present
Signature database download is NOT in-progress
SchedulerId is 0
Last time we received a valid signature database we successfully loaded 5563 signatures
DPIDisabled (configured) is 0
DPIDisabled (running) is 0
running signature timestamp = UTC 11/15/2006 16:21:42.000
timestamp last checked = 11/16/2006 14:17:17.352
latest available signature timestamp = UTC 11/15/2006 16:21:42.000
last successful downloaded db signature timestamp = UTC 11/15/2006 16:21:42.000
compressed signature image size = 523230 bytes
P2P signatures are NOT present
IM signatures are NOT present
Global Detect All High Priority = 0
Global Detect All Medium Priority = 0
Global Detect All Low Priority = 0
Global Prevent All High Priority = 0
Global Prevent All Medium Priority = 0
Global Prevent All Low Priority = 0
Global High Priority Redundancy Timer = 0 seconds
Global Medium Priority Redundancy Timer = 0 seconds
Global Low Priority Redundancy Timer = 60 seconds
64 byte buffer count = 1000 free
576 byte buffer count = 1000 free
1500 byte buffer count = 1000 free
packet buffer count = 3000 free
Gateway Anti-Virus is Activated
Gateway Anti-Virus is NOT Enabled
SMTP Inbound is Enabled
SMTP Outbound is NOT Enabled
HTTP is Enabled
POP3 is Enabled
IMAP is Enabled
FTP is Enabled
TCP Stream is NOT Enabled
Suppress SMTP Responses is NOT Enabled
Send Client Alert is NOT Enabled
Restrict password-protected zip files is NOT Enabled
Restrict MS-Office macro files is NOT Enabled
Restrict packed executable files is Enabled
Disable Eicar test virus detection is Enabled
Disable POP3 Auto Deletion is NOT Enabled
Disable POP3 UIDL rewriting is NOT Enabled
Enable Byte-Range HTTP requests is NOT Enabled
Enable 'REST' FTP client requests is NOT Enabled
Expiration Date = UTC 11/14/2007 00:00:00.000
running signature timestamp = UTC 11/13/2006 18:37:40.000
latest available signature timestamp = UTC 11/13/2006 18:37:40.000
Anti-Spyware is Activated
Anti-Spyware is NOT Enabled
SMTP Inbound is Enabled
HTTP is Enabled
POP3 is Enabled
IMAP is Enabled
FTP is Enabled
Outbound Spyware Scanning is Enabled
Suppress SMTP Responses is NOT Enabled
Send Client Alert is NOT Enabled
Expiration Date = UTC 11/14/2007 00:00:00.000
running signature timestamp = UTC 11/08/2006 12:38:45.000
latest available signature timestamp = UTC 11/08/2006 12:38:45.000
Global Detect All High Priority = 0
Global Detect All Medium Priority = 0
Global Detect All Low Priority = 0
Global Prevent All High Priority = 0
Global Prevent All Medium Priority = 0
Global Prevent All Low Priority = 0
Global High Priority Redundancy Timer = 0 seconds
Global Medium Priority Redundancy Timer = 0 seconds
Global Low Priority Redundancy Timer = 0 seconds
License info
LicenseNumberIps:25
License Ever Exceeded 0
License Exceed Redirect Counter: 0
License Node timeout: 900
Current Used License: 11
192.168.0.119 00:03:0D:1E:62:02 Inf=LAN
192.168.0.141 00:30:65:E0:27:92 Inf=LAN
192.168.0.113 00:B0:D0:3A:14:C9 Inf=LAN
192.168.0.109 00:0F:FE:B3:30:70 Inf=LAN
192.168.0.145 00:13:72:B4:0B:AA Inf=LAN
192.168.0.136 00:0D:56:84:8E:CC Inf=LAN
192.168.0.118 00:11:43:B2:ED:D6 Inf=LAN
192.168.0.100 00:0D:56:84:8F:05 Inf=LAN
192.168.0.112 00:0D:56:84:8F:30 Inf=LAN
192.168.0.137 00:0D:56:84:8E:D8 Inf=LAN
192.168.0.10 00:17:A4:0F:EA:99 Inf=LAN
License Exclude Node Count: 0
fwinfoDomain is: licensemanager.sonicwall.c
LicenseNumberVPNclients 1
GSC Policy Version: 0
Time
Time Zone: "UK (GMT)"
Use International time format: 0
Use DST: 1
Use UTC in log: 0
Use NTP: 1
NTP update interval: 60 minutes
Custom NTP Server List:
Current NTP server nist1.symmetricom.com
Flash Prefs Load/Save Statistics
calls made since startup: 93
smallest mem block during a save: 15340944 at time: 11/16/2006 14:17:18.352
current ASCII prefs file size: 61329
current compressed prefs file size: 20448
prefs were read at startup: Successfully
Flash Prefs Mirror State
Mirror Image A Active
Pref Pointer points to Block A
Max available pref size per Mirror: 5.500 Mbyte
DHCP over VPN
DHCP Relay Enabled : 1
Remote Gateway : 0
Central Gateway : 1
Relay IP Address : 0.0.0.0
DHCP Mgmt IP Address : 0.0.0.0
Peer Network Address : 0.0.0.0
Peer Subnet Mask : 0.0.0.0
Using IP Helper : 0
Doing IP Spoof Detect : 1
Serve Temp Lease : 0
Temp Lease Time : 120 (seconds)
GroupVPN Relay Addr : 0.0.0.0
Use Internal DHCP Server : Yes
For Global VPN Client : Yes
For Remote Firewall : No
Static IP Addresses on LAN:
Excluded Devices on LAN:
DHCP Server List:
Status:
Central Gateway Agent
Central Gateway Table with IP Address
current size: 0
maximum size: 10000
growth size: 200
table size: 200
element size: 40
Central Gateway Table with XID
current size: 0
maximum size: 5000
growth size : 200
table size : 200
element size: 32
Dynamic DNS
lineMode: 1
Number of DDNSS entries: 0
Memory Partition Statistics
status bytes blocks avg block max block
------ --------- -------- ---------- ----------
current
free 15566704 30 - 15340960
alloc 41755184 3820 - -
--Cache check----------
Cache current: 33, high water 542, added 1780177, deleted 1780144
ConnNode errors: 0, Hash List errors: 0, ConnNode cleanup errors: 0
buffer bounds check (buffer from 0x836981b8 to 0x836bc1b8)
checking freeBufferList (6111 elem)
checking unmappedList (1 elem)
checking connectionTable
checking freeNodeList (6118 elem)
total bounding errors: 0, connection table errors 0, nat table errors 0, conn node errors 0
--Cache check complete---------
1435: 'tNetTask' '../../..' 346
1435: 'tNetTask' '../../..' 346
1435: 'tNetTask' '../../..' 346
1435: 'tNetTask' '../../..' 346
61984: 'tNetTask' '../../..' 111
44934: 'tNetTask' '../../..' 346
43038: 'tNetTask' '../../..' 346
38713: 'tNetTask' '../../..' 346
26140: 'tNetTask' '../../..' 346
26033: 'tNetTask' '../../..' 346
22490: 'tNetTask' '../../..' 346
13785: 'tNetTask' '../../..' 346
13759: 'tNetTask' '../../..' 346
13759: 'tNetTask' '../../..' 346
13759: 'tNetTask' '../../..' 346
13759: 'tNetTask' '../../..' 346
63048: 'tNetTask' '../../..' 111
56182: 'tNetTask' '../../..' 346
53933: 'tNetTask' '../../..' 346
53900: 'tNetTask' '../../..' 346
53900: 'tNetTask' '../../..' 346
53900: 'tNetTask' '../../..' 346
53900: 'tNetTask' '../../..' 346
53895: 'tNetTask' '../../..' 346
53895: 'tNetTask' '../../..' 346
53892: 'tNetTask' '../../..' 346
53892: 'tNetTask' '../../..' 346
53890: 'tNetTask' '../../..' 346
53890: 'tNetTask' '../../..' 346
53889: 'tNetTask' '../../..' 346
53889: 'tNetTask' '../../..' 346
53889: 'tNetTask' '../../..' 346
53888: 'tNetTask' '../../..' 346
53888: 'tNetTask' '../../..' 346
53887: 'tNetTask' '../../..' 346
53887: 'tNetTask' '../../..' 346
11607: 'tNetTask' '../../..' 346
51838: 'tNetTask' '../../..' 346
43124: 'tNetTask' '../../..' 346
7070: 'tNetTask' '../../..' 346
48486: 'tNetTask' '../../..' 346
48486: 'tNetTask' '../../..' 346
48475: 'tNetTask' '../../..' 346
13569: 'tNetTask' '../../..' 346
13560: 'tNetTask' '../../..' 346
13532: 'tNetTask' '../../..' 346
13532: 'tNetTask' '../../..' 346
13532: 'tNetTask' '../../..' 346
32113: 'tNetTask' '../../..' 346
32104: 'tNetTask' '../../..' 346
31403: 'tNetTask' '../../..' 346
31379: 'tNetTask' '../../..' 346
31343: 'tNetTask' '../../..' 346
55918: 'tNetTask' '../../..' 346
27155: 'tNetTask' '../../..' 346
37121: 'tNetTask' '../../..' 346
23775: 'tNetTask' '../../..' 346
23648: 'tNetTask' '../../..' 346
14106: 'tNetTask' '../../..' 346
13565: 'tNetTask' '../../..' 346
9034: 'tNetTask' '../../..' 346
9034: 'tNetTask' '../../..' 346
9034: 'tNetTask' '../../..' 346
9034: 'tNetTask' '../../..' 346
9034: 'tNetTask' '../../..' 346
9024: 'tNetTask' '../../..' 346
52170: 'tNetTask' '../../..' 346
8121: 'tNetTask' '../../..' 346
8095: 'tNetTask' '../../..' 346
58491: 'tNetTask' '../../..' 346
58491: 'tNetTask' '../../..' 346
58481: 'tNetTask' '../../..' 346
58481: 'tNetTask' '../../..' 346
58352: 'tNetTask' '../../..' 346
58352: 'tNetTask' '../../..' 346
58346: 'tNetTask' '../../..' 346
58346: 'tNetTask' '../../..' 346
58335: 'tNetTask' '../../..' 346
58335: 'tNetTask' '../../..' 346
12131: 'tNetTask' '../../..' 346
2403: 'tNetTask' '../../..' 346
39760: 'tNetTask' '../../..' 346
56106: 'tNetTask' '../../..' 346
2358: 'tNetTask' '../../..' 346
42210: 'tNetTask' '../../..' 346
41986: 'tNetTask' '../../..' 346
41986: 'tNetTask' '../../..' 346
55165: 'tNetTask' '../../..' 346
55165: 'tNetTask' '../../..' 346
55155: 'tNetTask' '../../..' 346
55155: 'tNetTask' '../../..' 346
55155: 'tNetTask' '../../..' 346
55155: 'tNetTask' '../../..' 346
42651: 'tNetTask' '../../..' 346
42650: 'tNetTask' '../../..' 346
24136: 'tNetTask' '../../..' 346
52593: 'tNetTask' '../../..' 346
52581: 'tNetTask' '../../..' 346
31720: 'tNetTask' '../../..' 346
43874: 'tNetTask' '../../..' 346
System Timer Name is tTimerTask running at priority 50 with stack size 32768 bytes
System Timer Semaphore Id is 0x83973eb0
System Timer Expiration Maximum is 128 per execute
System Timer 60 ticks per second
System Timer current slot is 6843
System Timer used 20 of total 314
System Timer used high-water 31
System Timer ExecuteCount 4758203, UpdateCount 4758203
--------------------------
id: 'name'(taskPriority, flags) @(slot, count) function(param)
--------------------------
0x83ad3990: 'expire'( 0, 0x1100) @( 921, 0) 0x8015c754(3137939487)
0x83ad39b0: 'expire'( 0, 0x1100) @( 1391, 0) 0x8015c754(3604535545)
0x83ad39d0: 'expire'( 0, 0x1100) @( 2204, 0) 0x8015c754(3451797486)
0x83ad39f0: 'expire'( 0, 0x1100) @( 2275, 0) 0x8015c754(1254434587)
0x83ad3a10: 'expire'( 0, 0x1100) @( 2362, 0) 0x8015c754(874562764)
0x83ad3a30: 'expire'( 0, 0x1100) @( 2829, 0) 0x8015c754(537441179)
0x83ad3a50: 'cachTi'( 0, 0x1100) @( 6843, 0) 0x800bb090(0)
0x83ad3a70: 'synflo'( 0, 0x1100) @( 6843, 0) 0x80054244(0)
0x83ad3a90: 'enetMo'( 0, 0x1100) @( 6845, 0) 0x8023d0e8(0)
0x83ad3ab0: 'usrTim'( 0, 0x1100) @( 6853, 0) 0x80342134(0)
0x83ad3ad0: 'tIkeRe'( 50, 0x1100) @( 6855, 0) 0x80166014(2153434912)
0x83ad3af0: 'NatTra'( 0, 0x1100) @( 6859, 0) 0x801668dc(0)
0x83ad3b10: 'IKEKee'( 0, 0x1100) @( 6872, 0) 0x80166764(0)
0x83ad3b30: 'cfsTim'( 0, 0x1100) @( 6886, 0) 0x800cd138(0)
0x83ad3b50: 'arpAge'( 0, 0x1100) @( 6888, 0) 0x8023f280(0)
0x83ad3b70: 'vpnTim'( 0, 0x1100) @( 6888, 0) 0x80152fb4(0)
0x83ad3b90: 'licens'( 0, 0x1100) @( 6943, 0) 0x80344090(0)
0x83ad3bb0: 'LdapLi'( 0, 0x1100) @( 6947, 0) 0x802d6a78(0)
0x83ad3bd0: 'IKETun'( 0, 0x1100) @( 7043, 0) 0x8016682c(0)
0x83ad3bf0: 'fwUpda'( 0, 0x1100) @(25287, 2) 0x8034b1f4(0)
--------------------------
start fdr dump
end fdr dump
Stateful statistics by protocol:
Protocol Overwrites Max Overwrite ID Errors Decode Errors
-------- ---------- ------------- --------- -------------
FTP 0 0 0 0
TFTP 0 0 0 0
NetBios 0 0 0 0
RealAudio 0 0 0 0
PPTP 0 0 0 0
HTTP 0 0 0 0
SMTP 0 0 0 0
POP3 0 0 2 0
News 0 0 0 0
Oracle 0 0 0 0
SIP 0 0 0 0
MSN 0 0 0 2
H.323 0 0 0 0
QuickTime 0 0 0 951
Invalid TCP packets before handshake: 152
------------------------in
Active Internet connections (including servers)
PCB Proto Recv-Q Send-Q Local Address Foreign Address (state)
-------- ----- ------ ------ ------------------ ------------------ -------
83ef8fbc TCP 0 2537 192.168.0.1.80 192.168.0.10.45190 ESTABLISHED
83ef8f38 TCP 0 0 192.168.0.1.80 192.168.0.10.45189 TIME_WAIT
83ef8eb4 TCP 0 0 0.0.0.0.443 0.0.0.0.0 LISTEN
83ef8e30 TCP 0 0 0.0.0.0.80 0.0.0.0.0 LISTEN
83ef9148 UDP 0 0 0.0.0.0.500 0.0.0.0.0
83ef8dac UDP 0 0 0.0.0.0.67 0.0.0.0.0
83ef8908 UDP 0 0 0.0.0.0.161 0.0.0.0.0
------------------------St
type number
--------- ------
FREE : 1557
DATA : 41
HEADER : 2
SOCKET : 0
PCB : 0
RTABLE : 0
HTABLE : 0
ATABLE : 0
SONAME : 0
ZOMBIE : 0
SOOPTS : 0
FTABLE : 0
RIGHTS : 0
IFADDR : 0
CONTROL : 0
OOBDATA : 0
IPMOPTS : 0
IPMADDR : 0
IFMADDR : 0
MRTABLE : 0
TOTAL : 1600
number of mbufs: 1600
number of times failed to find space: 0
number of times waited for space: 0
number of times drained protocols for space: 0
__________________
CLUSTER POOL TABLE
__________________________
size clusters free usage
--------------------------
64 512 485 94002
128 512 495 102295
256 512 508 6209
512 256 256 5866
1024 200 200 4270
2048 100 100 11683
--------------------------
------------------------St
type number
--------- ------
FREE : 472
DATA : 0
HEADER : 0
SOCKET : 8
PCB : 11
RTABLE : 12
HTABLE : 0
ATABLE : 0
SONAME : 0
ZOMBIE : 0
SOOPTS : 0
FTABLE : 0
RIGHTS : 0
IFADDR : 8
CONTROL : 0
OOBDATA : 0
IPMOPTS : 0
IPMADDR : 1
IFMADDR : 0
MRTABLE : 0
TOTAL : 512
number of mbufs: 512
number of times failed to find space: 0
number of times waited for space: 0
number of times drained protocols for space: 0
__________________
CLUSTER POOL TABLE
__________________________
size clusters free usage
--------------------------
64 64 57 41
128 64 46 7543
256 64 57 4912
512 64 56 7532
--------------------------
------------------------SW
__________________
CLUSTER POOL TABLE
__________________________
size clusters free usage
--------------------------
2048 1720 967 85290198
--------------------------
DHCP bindings
--------------------------
IP Address Type Status H/W Address Expire time
--------------------------
192.168.0.100 DYNAMIC LEASED 00:0D:56:84:8F:05 2006-11-17 09:15:50
192.168.0.102 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.103 DYNAMIC LEASED 00:0A:95:C4:3F:78 2006-11-17 10:34:46
192.168.0.108 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.109 DYNAMIC LEASED 00:0F:FE:B3:30:70 2006-11-17 08:56:38
192.168.0.112 DYNAMIC LEASED 00:0D:56:84:8F:30 2006-11-17 08:25:08
192.168.0.113 DYNAMIC LEASED 00:B0:D0:3A:14:C9 2006-11-17 13:11:00
192.168.0.116 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.118 DYNAMIC LEASED 00:11:43:B2:ED:D6 2006-11-17 08:53:29
192.168.0.119 DYNAMIC LEASED 00:03:0D:1E:62:02 2006-11-17 09:50:02
192.168.0.126 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.127 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.128 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.135 DYNAMIC LEASED 00:0D:56:84:8F:39 2006-11-17 05:53:42
192.168.0.136 DYNAMIC LEASED 00:0D:56:84:8E:CC 2006-11-17 09:05:49
192.168.0.137 DYNAMIC LEASED 00:0D:56:84:8E:D8 2006-11-17 09:14:06
192.168.0.138 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.141 DYNAMIC LEASED 00:30:65:E0:27:92 2006-11-17 09:21:31
192.168.0.143 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.145 DYNAMIC LEASED 00:13:72:B4:0B:AA 2006-11-17 08:54:02
192.168.0.146 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
192.168.0.149 DYNAMIC LEASED 00:17:A4:0F:EA:99 2006-11-17 10:07:03
--------------------------
Static ARP Entries: No Entries
ARP Cache entry timeout: 10 minutes
ARP Cache
----------------------ARP TABLE---------------------
entries=14 lookups=2789740 fails=8574 hits=2727936 misses=53230 hitRate=98 percent
--------------------------
192.168.0.119 <-> 00:03:0D:1E:62:02 (LAN) expires in 10 mins
192.168.0.113 <-> 00:B0:D0:3A:14:C9 (LAN) expires in 10 mins
192.168.0.141 <-> 00:30:65:E0:27:92 (LAN) expires in 10 mins
192.168.0.145 <-> 00:13:72:B4:0B:AA (LAN) expires in 6 mins
192.168.0.109 <-> 00:0F:FE:B3:30:70 (LAN) expires in 9 mins
10.100.223.254 <-> 00:06:B1:2D:72:CA (WAN) is permanent published
10.100.223.1 <-> 00:0A:8A:76:64:FF (WAN) expires in 10 mins
192.168.0.118 <-> 00:11:43:B2:ED:D6 (LAN) expires in 10 mins
192.168.0.136 <-> 00:0D:56:84:8E:CC (LAN) expires in 9 mins
192.168.0.100 <-> 00:0D:56:84:8F:05 (LAN) expires in 10 mins
192.168.0.112 <-> 00:0D:56:84:8F:30 (LAN) expires in 9 mins
192.168.0.10 <-> 00:17:A4:0F:EA:99 (LAN) expires in 10 mins
192.168.0.137 <-> 00:0D:56:84:8E:D8 (LAN) expires in 9 mins
192.168.0.1 <-> 00:06:B1:2D:72:C8 (LAN) is permanent published
--------------------------
---------------------NAT Policy Table--------------------
| Orig Src | Orig Dst | Orig Svc |
--------------------------
| Trans Src | Trans Dst | Trans Svc |
--------------------------
-Index: 0-Usage: 0-Priority: ff0201fa------------------
| 0.0.0.0 | 0.0.0.0 | 17 500 |
| 255.255.255.0 | | |
--------------------------
| Orig | 192.168.0.1 | Orig |
--------------------------
-Index: 1-Usage: 0-Priority: ff0201fa------------------
| 0.0.0.0 | 10.100.223.254 | 17 500 |
| 255.255.255.0 | | |
--------------------------
| 10.100.223.254 | 192.168.0.1 | Orig |
--------------------------
-Index: 2-Usage: 0-Priority: feed0224------------------
| 192.168.0.0 | 10.100.223.254 | 17 500 |
| 255.255.255.0 | | |
| 192.168.1.200- | | |
| 192.168.1.220 | | |
--------------------------
| 10.100.223.254 | 192.168.0.1 | Orig |
--------------------------
-Index: 3-Usage: 0-Priority: feed0224------------------
| 192.168.0.0 | 10.100.223.254 | 6 80 |
| 255.255.255.0 | | |
| 192.168.1.200- | | |
| 192.168.1.220 | | |
--------------------------
| 10.100.223.254 | 192.168.0.1 | Orig |
--------------------------
-Index: 4-Usage: 0-Priority: feed0224------------------
| 192.168.0.0 | 10.100.223.254 | 6 443 |
| 255.255.255.0 | | |
| 192.168.1.200- | | |
| 192.168.1.220 | | |
--------------------------
| 10.100.223.254 | 192.168.0.1 | Orig |
--------------------------
-Index: 5-Usage: 4-Priority: 8000fffe------------------
| Any | 10.100.223.254 | 17 500 |
--------------------------
| Orig | 192.168.0.1 | Orig |
--------------------------
-Index: 6-Usage: 0-Priority: 3f03fa09------------------
| 0.0.0.0 | 0.0.0.0 | Any |
| 255.255.255.0 | 255.255.255.0 | |
--------------------------
| Orig | Orig | Orig |
--------------------------
-Index: 7-Usage: 0-Priority: 3ef98eca------------------
| 0.0.0.0 | 192.168.0.0 | Any |
| 255.255.255.0 | 255.255.255.0 | |
| | 192.168.1.200- | |
| | 192.168.1.220 | |
--------------------------
| Orig | Orig | Orig |
--------------------------
-Index: 8-Usage: 0-Priority: 3ef98eca------------------
| 192.168.0.0 | 0.0.0.0 | Any |
| 255.255.255.0 | 255.255.255.0 | |
| 192.168.1.200- | | |
| 192.168.1.220 | | |
--------------------------
| Orig | Orig | Orig |
--------------------------
-Index: 9-Usage: 84-Priority: 3eef2544------------------
| 192.168.0.0 | 192.168.0.0 | Any |
| 255.255.255.0 | 255.255.255.0 | |
| 192.168.1.200- | 192.168.1.200- | |
| 192.168.1.220 | 192.168.1.220 | |
--------------------------
| Orig | Orig | Orig |
--------------------------
-Index: 10-Usage: 0-Priority: 7f03----------------------
| 0.0.0.0 | Any | Any |
| 255.255.255.0 | | |
--------------------------
| 10.100.223.254 | Orig | Orig |
--------------------------
-Index: 11-Usage: 56987-Priority: 7eee-------------------
| 192.168.0.0 | Any | Any |
| 255.255.255.0 | | |
| 192.168.1.200- | | |
| 192.168.1.220 | | |
--------------------------
| 10.100.223.254 | Orig | Orig |
--------------------------
-Index: 12-Usage: 11918-Priority: 0----------------------
| Any | Any | Any |
--------------------------
| Orig | Orig | Orig |
--------------------------
Memory Zone Report
Memory Zones used 15 of total 32
Zone Total Alloc'ed Free High ElemSize Fail EstInit EstIncr Overhead%
buf-16 10921 5624 5297 5677 16 0 10240 2048 33 (V1)
buf-32 818 742 76 764 32 0 1024 256 20 (V1)
buf-64 454 400 54 408 64 0 512 128 11 (V1)
buf-128 720 330 390 1055 128 0 256 128 6 (V1)
buf-256 248 88 160 97 256 0 256 128 3 (V1)
buf-512 62 19 43 26 512 0 64 64 3 (V1)
buf-1056 61 27 34 35 1056 0 64 32 1 (V1)
buf-2080 310 232 78 3681 2080 0 64 64 1 (V1)
buf-4128 31 8 23 10 4128 0 32 16 2 (V1)
buf-8224 61 45 16 47 8224 0 32 16 4 (V1)
buf-16416 15 10 5 12 16416 0 16 8 6 (V1)
buf-32800 45 39 6 40 32800 0 16 16 2 (V1)
share-16 1636 73 1563 80 16 0 256 256 20 (V2)
share-24 1169 95 1074 102 24 0 256 256 14 (V2)
share-40 744 0 744 0 40 0 256 256 9 (V2)
ChunkSize AllocFail TotalAlloc TotalDeall CurAlloc CurBytes CurCache fromCache toCache
32768 0 47 38 9 294912 2 36 38
65536 0 2 0 2 131072 0 0 0
131072 0 84 76 8 1048576 55 21 76
262144 0 3 0 3 786432 0 0 0
524288 0 3 0 3 1572864 0 0 0
1048576 0 0 0 0 0 0 0 0
Total Currently Malloc'ed of all chunks: 3833856 bytes
Total Currently Available of all chunks in cache: 7274496 bytes
MemoryZone alloc: invalid zone 0, invalid zone flags 0
MemoryZone free: invalid zone magic 0, invalid zone flags 0
MemoryZone free: null argument 0, invalid header 0, element already freed 0
MemoryZones: total created 15, total removed 0
Buffer Memory Zone Report
Zero-Size Allocation Request Count: 0
Non-Buffer-MemoryZone Use: Allocation Count 256, Deallocation Count 214, Current Balance 42
Non-Buffer-MemoryZone Allocation Size: min 40000, max 7000000
Non-Buffer-MemoryZone Allocation Failure Count: 0
Non-Tagged Deallocation Count: 0
Watchdog reboot information
09/22/2006 14:02:43.624 System Startup F:3.1.0.7-77s R: 3.1.0.2 0006B12D72C8 p: 511; b: 511
End of TSR
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Also on the PC you are using to connect to the sonicwall run this cleanup tool
uninstall vpn client
run clean up tool
reboot PC
reinstall vpn client
ftp://ftp.sonicwall.com/pub/techSupport/
make sure you are connecting from a remote location not on the lan of the sonicwall
also on the vpn client software go to properties
peers
edit
nat tranversal and set to force on.
in the sonicwall on the Network > DHCP Server make sure the dhcp server is enabled and have a range
uninstall vpn client
run clean up tool
reboot PC
reinstall vpn client
ftp://ftp.sonicwall.com/pub/techSupport/
make sure you are connecting from a remote location not on the lan of the sonicwall
also on the vpn client software go to properties
peers
edit
nat tranversal and set to force on.
in the sonicwall on the Network > DHCP Server make sure the dhcp server is enabled and have a range
Good point about the NAT traversal jason, also sometimes helps to set NAT traversal to disabled even though that makes no logical sense...
I'm not sure it seems like an issue with the client itself, and I don't use the cleanup tool unless I'm having trouble with the client installation / uninstall.
Might be worth trying the latest version of the client...3.1.0.556? There is also a beta client that I have which has cleared up issues for me in the past, which I can find the link to if needed...
I'll wait to hear if this is still a problem first!
I'm not sure it seems like an issue with the client itself, and I don't use the cleanup tool unless I'm having trouble with the client installation / uninstall.
Might be worth trying the latest version of the client...3.1.0.556? There is also a beta client that I have which has cleared up issues for me in the past, which I can find the link to if needed...
I'll wait to hear if this is still a problem first!
ASKER
Thanks for your comments guys. Haven't had a chance to check out your advice yet, but will do so today and post to let you know how I'm getting on.
ASKER
Guys....
It's working! Upgraded the OS/firmware to the latest and that seemed to do it.
It's taken nearly two weeks off and on to get this resolved. I had previously got an MS VPN up and running in about an hour... but, best practice and all that. The customer's not paying for an extra load on their SBS DC :-)!
I'm gonna split the points. I'd just like to say thanks for the time and the trouble!
Regards,
Alan Halpin
It's working! Upgraded the OS/firmware to the latest and that seemed to do it.
It's taken nearly two weeks off and on to get this resolved. I had previously got an MS VPN up and running in about an hour... but, best practice and all that. The customer's not paying for an extra load on their SBS DC :-)!
I'm gonna split the points. I'd just like to say thanks for the time and the trouble!
Regards,
Alan Halpin
Glad it worked out for you...
On the VPN settings page configure the wan groupvpn policy on this page there is two boxes to enable vpn.
on the general tab add preshared sercert
on the proposals page uncheck Enable Perfect Forward Secrecy
advanced page check Require Authentication of VPN Clients via XAUTH put trusted users in box
client page Cache XAUTH User Name and Password on Client:single session
Virtual Adapter settings: dhcp lease > split tunnels
then create local user put in trusted users group and vpn access to lan subnets
then under local groups give trusted users access to lan subnets.