Link to home
Start Free TrialLog in
Avatar of rperault
rperault

asked on

Sonicwall Dropping all incoming TCP Connections

Hello Experts,

I have another Sonicwall PRO 1260 Enhanced that I am having issues with all of a sudden. Out of all the firewalls that I manage Sonicwalls are the only ones that give me heartaches.

Starting on Friday, afternoon TCP Connections coming from he outside are being dropped. Nothing has really been changed to my knownledge. This account I have just taken over and I can't seem to figure out where this has gone wrong. I was notified when the End Users could no long remote in via SBS Remote Workplace. I went and did the normal and checked the server, and even rebooted the server. Still nothing, so I checked the firewall and looked at the logs and discovered all WAN TCP Connections are being dropped.

Now I created a backup of the device which is by habit of all firewalls I managed, and when I tried to restore the device Settings I am getting a "Error: Configurations Settings files is Corrupted" which is a firs for me.

Whats going on or what am I missing? Why would all Incoming WAN TCP Connections be dropped?

Thanks
Avatar of rperault
rperault

ASKER

Update:

From within the LAN I can get to all the addresses with no problem even using the WAN IP addresses and URLs
Seriously no one has any ideas?
ASKER CERTIFIED SOLUTION
Avatar of rfc1180
rfc1180
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
It's possible the hardware could be corrupt or even just the loaded firmware.  The sonicwall appliance has a factory image of the firmware burned in so that if the loaded image becomes corrupted, you can reboot to original factory defaults.  Of course, it means you'll have to rebuild from scratch.

There ware two ways to get a  backup of the sonicwall.  The configuration or create a firmware backup which includes the configuration.  I usually just get the configuration.  Is that what you have?

If so, you need to restore to factory and restore the configuration.  Pull the power, hold down the reset button, and apply power while holding in the reset.  Wait 15 seconds and try to connect to the sonicwall.  Sometimes it's the default 192.168.168.168, but sometimes it keeps the prior IP.  You'll boot into a safe mode where you can select the factory image to boot from.

Once you boot, you can login using the 192.168.168.168 IP and skip the wizard.  Go to the settings page and restore the configuration file.

If the image was corrupt, explaining why the ingress TCP connections were being dropped, then the backup image would be corrupt explaining the error you got.  I'm hoping you have the configuration settings.  It's best to start over.

Do you have the sonicwall on battery backup?  If a sonicwall is unplugged then immediately plugged in, then they some times go to factory defaults or the image becomes corrupt.  My guess is someone was messing with the power.  Perhaps they couldn't get to the Internet and they power cycled the sonicwall and didn't wait the recommended 15+ seconds before applying power.
Avatar of Cas Krist
When you start from scratch, you might as well put in the latest firmware again (when you are in safemode). This helped me in the past two times.
True...forgot to mention that.
So, what was the answer?  Appears you selected an answer to get it off your list.  Thanks for the clarification.