Sonicwall TZ170 login credentials have changed...can't get access

Posted on 2006-11-29
Last Modified: 2010-04-08
I have a Sonicwall TZ170 running the enhanced OS (intrusion prevention, monitoring, etc.) and have only had it for the last 2 months.

I work with an external IT engineer, and late last week he reported to me that his settings and access had been lost; however, my remote access and login access to the firewall were fine (we use the same username/password).

As of Monday I now can't access the firewall due to bad username or password. The only changes I have made in the firewall are ports; I have created a few services and access rules and forwarded a few ports.

Now I have contacted Sonicwall and they have said that configuring ports and services in no way can affect/alter the login credentials...the only way that it could have been changed is if it had been changed purposely, and that even if someone had "hacked in", the enhanced OS and other features would have notified me and known and would have most likely prevented this....

Is it somehow possible in any way, shape or form that forwarding ports would have caused this??? Anyone's input would be greatly appreciated...
0
Question by:secoadmin
26 Comments
 
LVL 7

Expert Comment

by:jasonpaine
ID: 18042444
Forwarding ports and adding firewall access rules would not cause the password to change.
The system administration page is where you change the password, but to change it you must know the old password. Have you tried accessing it from the WAN and LAN? If the username and password worked for you, they should have worked for him.
If your firmware got corrupted, things like this could be possible.
0
 
LVL 7

Expert Comment

by:jasonpaine
ID: 18042488
From SonicWall's website:
If the SonicWALL's admin password is lost, there is no backdoor or other mechanism to bypass the administrator login. Please note that prefs files do not contain the admin name and password. So if you reset the firmware and import a current prefs file, you can gain access using the default login credentials ('admin' & 'password'). Without a current prefs file, you must reset the firmware and configure from scratch.

For models running SonicOS (Enhanced or Standard), you can reboot to factory defaults. This resets all settings including the admin name, password and LAN IP address. Import the current prefs file. The configuration is restored and use the defaults 'admin' and 'password' to login.
0
 

Author Comment

by:secoadmin
ID: 18042594
So configuring new access rules or forwarding ports couldn't have corrupted settings in the firewall either???

0
 
LVL 7

Expert Comment

by:jasonpaine
ID: 18042648
Usually corrupted firmware comes from importing new firmware over the existing firmware. You can change the access rule to allow HTTPS management from a certain IP only. Have you tried connecting from the LAN of the SonicWall? If HTTPS management is not enabled, you cannot connect from the outside, only from inside the network. If you cannot connect with the username and password from the LAN, reboot and reset by holding in the reset button; you will then go into safe mode. Then use admin/password and boot with current settings; this will not take out all of your settings.
0
 

Author Comment

by:secoadmin
ID: 18042664
I will give that a go.

Yeah, I have tried connecting from within the LAN and it tells me wrong username and/or password.
0
 
LVL 10

Expert Comment

by:budchawla
ID: 18047625
The only way I can think you may lock yourself out of a sonicwall by editing firewall rules is to disable HTTP/HTTPS access to the administration interface... but then that should give you problems accessing the login page, not give you a bad password error..

At the risk of sounding condescending, are you sure you are using the right password? Have you tried from a different PC to make sure it's not a keyboard issue or something similar? Do you have any local users set up on the firewall with "limited management capabilities"?
0
 

Author Comment

by:secoadmin
ID: 18049501
I have tried from different PCs with different usernames and passwords and no luck....
0
 
LVL 10

Expert Comment

by:budchawla
ID: 18049529
I'm guessing you don't have a backup of the current settings, otherwise as jasonpaine mentioned above you would be best served by resetting the box and importing your settings...
Once you're convinced that you are using the correct password, and that it's not being typed funny etc, AFAIK you have no option but to reset the device...
0
 
LVL 7

Expert Comment

by:jasonpaine
ID: 18064573
Any luck getting into the sonicwall?
0
 

Author Comment

by:secoadmin
ID: 18064653
No, not yet. I know I will have to redo the firewall and start from scratch, but it's more just to ascertain how you get locked out of a firewall when you haven't changed the password.
0
 
LVL 7

Expert Comment

by:jasonpaine
ID: 18087043
Not sure how you got locked out...usually if a firewall access rule got changed you would not be able to access the SonicWall...
Good luck on the reconfig.
0
 

Author Comment

by:secoadmin
ID: 18089304
When I say access rule, I mean setting new ports:
specifying the service and what port it will use (access rule) and then forwarding the port..............today I will try the safe mode boot and see if that works; if not, blow it away and start from scratch.
0
 

Author Comment

by:secoadmin
ID: 18090196
I booted into safe mode.

I downloaded the backup images it had and then loaded the SonicWall from scratch. It was corrupt firmware, as I tried to load the backed-up firmware and it said it couldn't load as it was corrupt....

So the firewall is up and running.

However, now I can't get mail coming in..sending is fine but receiving is a no go...I have created the access rule to allow:

WAN to LAN -> SMTP (p.25) to 192.168.1.2 (Exchange IP address) and no mail...lol
0
 
LVL 7

Accepted Solution

by:
jasonpaine earned 2000 total points
ID: 18090277
Did you get rid of the corrupt firmware? To verify, download the Tech Support Report from System > Diagnostics at the top of the page...if the previous firmware has a - (negative) sign, then it is corrupt.
The corrupt firmware was locking you out.
Create an inbound and outbound NAT policy for SMTP to go with your access rule:
http://www.sonicwall.com/support/pdfs/SOS2e_Enhanced_NAT_Policies_How_To.pdf
See pages 9, 10, 11.
0
 

Author Comment

by:secoadmin
ID: 18090299
Hmm, okie dokie, will have a look.

With NATing, we don't do that from the firewall; the router does the NATing.

I tried:

WAN to LAN
WAN Primary IP -> Exchange IP on port 25

and no good. I did this last time I set up the firewall; it was something small I was forgetting or something in the settings that I did, but I can't remember what it was.

0
 

Author Comment

by:secoadmin
ID: 18090346
Ohh sorry, I misread your post, my bad.

Will do now and let you know.
0
 

Author Comment

by:secoadmin
ID: 18090422
I am having trouble adding the NAT policy.....it is not as straightforward because we are running the upgraded OS?
0
 
LVL 7

Expert Comment

by:jasonpaine
ID: 18090707
What version are you using, 3.2 or 3.6?
0
 

Author Comment

by:secoadmin
ID: 18090729
3.2

I am pretty sure I have the access rule set up correctly, but it's the NAT policy that I am unsure of.

WAN - LAN
WAN Primary IP -> SMTP -> Exchange
0
 
LVL 7

Expert Comment

by:jasonpaine
ID: 18090786
On your Network > NAT Policies page: add
outbound NAT
0
 

Author Comment

by:secoadmin
ID: 18090798
I figured out the NAT policy, but I realised I forgot to allow POP3 in the access rule to retrieve mail......lol

Thanks jasonpaine, you're a gun!!!!
0
 
LVL 7

Expert Comment

by:jasonpaine
ID: 18090808
Oops
Outbound nat
smtp server private
smtp server private
any
original
x0
x1
enable nat

inbound
smtp server public
smtp server private
smtp
original
x1
any
enable
0
 
LVL 7

Expert Comment

by:jasonpaine
ID: 18090811
Glad to help!!
0
 
LVL 7

Expert Comment

by:jasonpaine
ID: 18097394
Is all well with the SonicWall?
0
 
LVL 7

Expert Comment

by:jasonpaine
ID: 18108411
Anything else?
0
 

Author Comment

by:secoadmin
ID: 18111982
Nah, that should be it. The rest I can try and figure out. Thanks again.
0
