secoadmin
asked on
Sonicwall TZ170 login credentials have changed...can't get access
I have a Sonicwall TZ170 running the enhanced OS (intrusion prevention, monitoring, etc.) and have only had it for the last 2 months.
I work with an external IT engineer, and late last week he reported to me that his settings and access had been lost; however, my remote access and login access to the firewall were fine (we use the same username/password).
As of Monday I now can't access the firewall due to bad username or password. The only changes I have made in the firewall are ports; I have created a few services and access rules and forwarded a few ports.
Now I have contacted Sonicwall and they have said that configuring ports and services in no way can affect/alter the login credentials...the only way that it could have been changed is if it had been changed purposely and that even if someone had "hacked in" the enhanced OS and other features would have notified me and known and would have most likely prevented this....
Is it somehow possible in any way, shape or form that forwarding ports would have caused this??? Anyone's input would be greatly appreciated...
From Sonicwall's website:
If the SonicWALL's admin password is lost, there is no backdoor or other mechanism to bypass the administrator login. Please note that prefs files do not contain the admin name and password. So if you reset the firmware and import a current prefs file, you can gain access using the default login credentials ('admin' & 'password'). Without a current prefs file, you must reset the firmware and configure from scratch.
For models running SonicOS (Enhanced or Standard), you can reboot to factory defaults. This resets all settings including the admin name, password and LAN IP address. Import the current prefs file. The configuration is restored and use the defaults 'admin' and 'password' to login.
ASKER
So configuring new access rules or forwarding ports couldn't have corrupted settings in the firewall either???
Usually corrupted firmware comes from importing new firmware over the existing firmware. You can change the access rule to allow HTTPS management from a certain IP only. Have you tried connecting from the LAN of the Sonicwall? If HTTPS management is not enabled you cannot connect from the outside, only inside the network. If you cannot connect with username/password from the LAN, reboot/reset by holding in the reset button; then you will go into safe mode, then use admin password and boot with current settings. This will not take out all of your settings.
ASKER
I will give that a go.
Yeah, I have tried connecting from within the LAN and it tells me wrong username and/or password.
The only way I can think you may lock yourself out of a sonicwall by editing firewall rules is to disable HTTP/HTTPS access to the administration interface... but then that should give you problems accessing the login page, not give you a bad password error..
At the risk of sounding condescending, are you sure you are using the right password? Have you tried from a different PC to make sure it's not a keyboard issue or something similar? Do you have any local users set up on the firewall with "limited management capabilities"?
ASKER
I have tried from different PCs with different username and passwords and no luck....
I'm guessing you don't have a backup of the current settings, otherwise as jasonpaine mentioned above you would be best served by resetting the box and importing your settings...
Once you're convinced that you are using the correct password, and that it's not being typed funny etc, AFAIK you have no option but to reset the device...
Any luck getting into the sonicwall?
ASKER
No, not yet. I know I will have to redo the firewall and start from scratch, but more of just to ascertain as to how you get locked out of a firewall when you haven't changed the password.
Not sure how you got locked out...usually if a firewall access rule got changed you would not be able to access the Sonicwall...
Good luck on the reconfig
ASKER
When I say access rule, as in setting new ports.
Specifying the service and what port it will use (access rule) and then forwarding the port..............today I will try the safe mode boot and see if that works; if not, blow it away and start from scratch.
ASKER
I booted into safe mode.
I downloaded the backup images it had and then loaded the Sonicwall from scratch. It was a corrupt firmware, as I tried to load the backed-up firmware and it said it couldn't load as it was corrupt....
So the firewall is up and running.
However, now I can't get mail coming in..sending is fine but receiving is a no go...I have created the access rule to allow:
WAN to LAN -> SMTP (p.25) to 192.168.1.2 (Exchange IP address) and no mail...lol
ASKER
Hmm, okie dokie, will have a look.
With NATing, we don't do that from the firewall; the router does the NATing.
I tried:
WAN to LAN
WAN Primary IP -> Exchange IP on port 25
and no good. I did this last time I set up the firewall; it was something small I was forgetting or something in the settings that I did, but I can't remember what it was.
ASKER
Ohh sorry, I misread your post, my bad.
Will do now and let you know.
ASKER
I am having trouble adding the NAT policy.....it is not as straightforward because we are running the upgraded OS?
What version are you using, 3.2 or 3.6?
ASKER
3.2
I am pretty sure I have the access rule set up correctly, but it's the NAT policy that I am unsure of.
WAN - LAN
WAN Primary IP -> SMTP -> Exchange
On your Network > NAT Policies page: add
outbound NAT
ASKER
I figured out the NAT policy, but I realised I forgot to allow POP3 in the access rule to retrieve mail......lol
Thanks jasonpaine, you're a gun!!!!
Oops
Outbound nat
smtp server private
smtp server private
any
original
x0
x1
enable nat
inbound
smtp server public
smtp server private
smtp
original
x1
any
enable
glad to help!!
Is all well with the Sonicwall?
Anything else
ASKER
Nah, that should be it; the rest I can try and figure out. Thanks again.
On the system administration page is where you change the password, but to change it you must know the old password to change to a new password. Have you tried accessing it from the WAN and LAN? If the username/password worked for you it should have worked for him.
If your firmware got corrupt, things like this could be possible.