We help IT Professionals succeed at work.

Cox Sonicwall Firewall 4060

710 Views
Last Modified: 2012-05-09
Quick question I have cox business and just got a sonicwall 4060. I did a factory reset and using the setup wizard entered the ISP static IP address, Sub-Net, Gateway and dns (double and triple checked). Yet using a laptop I can get to the sonicwall web interface via the ip, but no where else (ie google).

any ideas?
Comment
Watch Question

Tom ScottConsultant

Commented:
Depends on which of the SonicWALL's interfaces to which the laptop is connecting.
X0 is the default "LAN" or private address.  However, you can connect via the other ports, such as X2, as well yet NOT have access beyond the public or "WAN" interface X1 unless said port (X2?) is configured to be in the LAN zone.
 - Tom

Author

Commented:
Laptop on X0
Cox on X1
Tom ScottConsultant

Commented:
For a diagnostic, see if you can ping the ISP gateway as defined for X1.
 - Tom

Author

Commented:
The network will replace my laptop, I am just setting this up
Tom ScottConsultant

Commented:
If you can ping the gateway, try:
Maybe DNS is not correct or otherwise non-functional.
 - Tom

Author

Commented:
I have tried pinging google and 66.102.7.99 (google ip) and dns servers. No joy!

Author

Commented:
I have checked all out going (lan to wan) is allowed

Author

Commented:
Cant ping the cox gateway. I can get on cox direct. I have made no changes besides the quick setup. Do i have to reg the sonicwall to get it to work?
Tom ScottConsultant

Commented:
Were you able to ping your DNS server addresses?
When you ping www.google.com, does it resolve to an IP address?
 - Tom

Author

Commented:
nope
Tom ScottConsultant

Commented:
So you confirm you have no ping to all three:
  • Gateway
  • DNS servers, primary and secondary
  • www.google.com (and it will not resolve to an IP address).
Have you looked at the logs?  There should be records for all the dropped packets.
Even if Allow All LAN to WAN is set, if ICMP is denied by a previously rule, you will have NO ping nor tracert (trace route).
 - Tom
Tom ScottConsultant

Commented:
I was referring to the firewall's logs above.
 - Tom

Author

Commented:
Yes from my laptop or the sonicwalll test tools
Tom ScottConsultant

Commented:
Anything in the logs regarding your ping attempts?
 - Tom

Author

Commented:
This is a screen shot right after a reboot and ping

http://gyazo.com/b6208c131101597b92c211ad99938a9a.png
Tom ScottConsultant

Commented:
There is only one ping attempt in the log clip.  It appears to be a successful ping of your ISP's gateway from the firewall itself. This appears to be normal function (code 0 not code 3 unreachable).
However, the WAN (X1) port is going up and down. That is not good.  Some possible causes include:
  • Someone is disconnecting and reconnecting a patch cable.
  • Your public switch is going up and down.
  • If you are not using a public switch but a modem of some kind, the modem may be going up and down.
  • Your firewall has become defective since the factory reset.
The successful ping could have been a luck shot getting through between WAN port failures.
Some diagnostics:
  1. Watch the LED for X1 and all the LEDs for whatever device is attached to X1 (WAN).
  2. When you say that you were able to get "on cox direct", may I assume that you connected a computer directly to the Internet access point outside your firewall and successfully pinged or web browsed from there? If not, you may try this to rule out the firewall as the issue.
  3. Recheck the patch cable on X1, swapping it out to eliminate it as a possible cause.
  4. If you have a spare switch, you could try swapping that in temporarily as well.
  5. The timing could be coincidental to your factory reset.  However, possibly the reset introduced corruption (due to power fluctuation, etc.).  In response, you could try another factory reset; run JUST the basic setup wizard and test again.
I would perform each of the above steps INDIVIDUALLY (keep it simple).
Note:  The ping from the firewall itself does NOT determine that pings from your private subnet are blocked by a firewall rule since pinging from the firewall itself to the public subnet never involves the LAN zone.
 - Tom

Author

Commented:
ok the up and down is me,

ping screen shot
http://gyazo.com/7309d9edc8930d8c197e07a832fffdf8.png

I have done another factory reset on the sonic firewall

Author

Commented:
After doing the basic setup still no joy, I have replaced all the cables, still no joy!

I am almost ready to make this thing learn to fly!
Tom ScottConsultant

Commented:
What is the WAN (X1) port of the firewall plugged into?
If it is a switch, have you tried using a spare (as a diagnostic)?
Did you jacking a computer outside your firewall and pinging the same IP as well as some others?
 - Tom
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Tom ScottConsultant

Commented:
Are you saying it locked out the MAC address of the firewall or of a computer you tried to use on the public subnet for testing?
 - Tom

Author

Commented:
It locked on to the MAC address of my laptop so it would not allow the firewall to work once connected
Tom ScottConsultant

Commented:
That makes perfect sense.  Usually the MAC locks time-out after 15 minutes.
If I understand you above, Cox locks out MACs for business customers but NOT for home customers.  Usually it is the opposite.  Kind of limits your options for diagnostics, etc.
Oh well, you have the fix.  Cox should be able to drop the MAC lock and get you going with the firewall.
 - Tom

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.