Sonicwall Dropping all incoming TCP Connections

Hello Experts,

I have another Sonicwall PRO 1260 Enhanced that I am having issues with all of a sudden. Out of all the firewalls that I manage Sonicwalls are the only ones that give me heartaches.

Starting on Friday, afternoon TCP Connections coming from he outside are being dropped. Nothing has really been changed to my knownledge. This account I have just taken over and I can't seem to figure out where this has gone wrong. I was notified when the End Users could no long remote in via SBS Remote Workplace. I went and did the normal and checked the server, and even rebooted the server. Still nothing, so I checked the firewall and looked at the logs and discovered all WAN TCP Connections are being dropped.

Now I created a backup of the device which is by habit of all firewalls I managed, and when I tried to restore the device Settings I am getting a "Error: Configurations Settings files is Corrupted" which is a firs for me.

Whats going on or what am I missing? Why would all Incoming WAN TCP Connections be dropped?

Thanks
rperaultAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
rfc1180Connect With a Mentor Commented:
>Why would all Incoming WAN TCP Connections be dropped?
>Nothing has really been changed to my knownledge.

classic case of someone has the password and possibly made changes.

The firewall could be maxed out on sessions, but this would more than likely affect outgoing connections from LAN to WAN, but something to look into.

How is the packer flow through the device (pps), is the CPU and/or memory maxed?

>Error: Configurations Settings files is Corrupted
sounds like something is jacked; this is where you replace the device with spare as it appears there is an issue with saving files, possible bad hardware.

Billy
0
 
rperaultAuthor Commented:
Update:

From within the LAN I can get to all the addresses with no problem even using the WAN IP addresses and URLs
0
 
rperaultAuthor Commented:
Seriously no one has any ideas?
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
digitapCommented:
It's possible the hardware could be corrupt or even just the loaded firmware.  The sonicwall appliance has a factory image of the firmware burned in so that if the loaded image becomes corrupted, you can reboot to original factory defaults.  Of course, it means you'll have to rebuild from scratch.

There ware two ways to get a  backup of the sonicwall.  The configuration or create a firmware backup which includes the configuration.  I usually just get the configuration.  Is that what you have?

If so, you need to restore to factory and restore the configuration.  Pull the power, hold down the reset button, and apply power while holding in the reset.  Wait 15 seconds and try to connect to the sonicwall.  Sometimes it's the default 192.168.168.168, but sometimes it keeps the prior IP.  You'll boot into a safe mode where you can select the factory image to boot from.

Once you boot, you can login using the 192.168.168.168 IP and skip the wizard.  Go to the settings page and restore the configuration file.

If the image was corrupt, explaining why the ingress TCP connections were being dropped, then the backup image would be corrupt explaining the error you got.  I'm hoping you have the configuration settings.  It's best to start over.

Do you have the sonicwall on battery backup?  If a sonicwall is unplugged then immediately plugged in, then they some times go to factory defaults or the image becomes corrupt.  My guess is someone was messing with the power.  Perhaps they couldn't get to the Internet and they power cycled the sonicwall and didn't wait the recommended 15+ seconds before applying power.
0
 
Cas KristCommented:
When you start from scratch, you might as well put in the latest firmware again (when you are in safemode). This helped me in the past two times.
0
 
digitapCommented:
True...forgot to mention that.
0
 
digitapCommented:
So, what was the answer?  Appears you selected an answer to get it off your list.  Thanks for the clarification.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.