Solved

Sonicwall Dropping all incoming TCP Connections

Posted on 2010-09-05
8
839 Views
Last Modified: 2012-05-10
Hello Experts,

I have another Sonicwall PRO 1260 Enhanced that I am having issues with all of a sudden. Out of all the firewalls that I manage Sonicwalls are the only ones that give me heartaches.

Starting on Friday, afternoon TCP Connections coming from he outside are being dropped. Nothing has really been changed to my knownledge. This account I have just taken over and I can't seem to figure out where this has gone wrong. I was notified when the End Users could no long remote in via SBS Remote Workplace. I went and did the normal and checked the server, and even rebooted the server. Still nothing, so I checked the firewall and looked at the logs and discovered all WAN TCP Connections are being dropped.

Now I created a backup of the device which is by habit of all firewalls I managed, and when I tried to restore the device Settings I am getting a "Error: Configurations Settings files is Corrupted" which is a firs for me.

Whats going on or what am I missing? Why would all Incoming WAN TCP Connections be dropped?

Thanks
0
Comment
Question by:rperault
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 

Author Comment

by:rperault
ID: 33606503
Update:

From within the LAN I can get to all the addresses with no problem even using the WAN IP addresses and URLs
0
 

Author Comment

by:rperault
ID: 33607444
Seriously no one has any ideas?
0
 
LVL 24

Accepted Solution

by:
rfc1180 earned 500 total points
ID: 33608578
>Why would all Incoming WAN TCP Connections be dropped?
>Nothing has really been changed to my knownledge.

classic case of someone has the password and possibly made changes.

The firewall could be maxed out on sessions, but this would more than likely affect outgoing connections from LAN to WAN, but something to look into.

How is the packer flow through the device (pps), is the CPU and/or memory maxed?

>Error: Configurations Settings files is Corrupted
sounds like something is jacked; this is where you replace the device with spare as it appears there is an issue with saving files, possible bad hardware.

Billy
0
IoT Devices - Fast, Cheap or Secure…Pick Two

The IoT market is growing at a rapid pace and manufacturers are under pressure to quickly provide new products. Can you be sure that your devices do what they're supposed to do, while still being secure?

 
LVL 33

Expert Comment

by:digitap
ID: 33608640
It's possible the hardware could be corrupt or even just the loaded firmware.  The sonicwall appliance has a factory image of the firmware burned in so that if the loaded image becomes corrupted, you can reboot to original factory defaults.  Of course, it means you'll have to rebuild from scratch.

There ware two ways to get a  backup of the sonicwall.  The configuration or create a firmware backup which includes the configuration.  I usually just get the configuration.  Is that what you have?

If so, you need to restore to factory and restore the configuration.  Pull the power, hold down the reset button, and apply power while holding in the reset.  Wait 15 seconds and try to connect to the sonicwall.  Sometimes it's the default 192.168.168.168, but sometimes it keeps the prior IP.  You'll boot into a safe mode where you can select the factory image to boot from.

Once you boot, you can login using the 192.168.168.168 IP and skip the wizard.  Go to the settings page and restore the configuration file.

If the image was corrupt, explaining why the ingress TCP connections were being dropped, then the backup image would be corrupt explaining the error you got.  I'm hoping you have the configuration settings.  It's best to start over.

Do you have the sonicwall on battery backup?  If a sonicwall is unplugged then immediately plugged in, then they some times go to factory defaults or the image becomes corrupt.  My guess is someone was messing with the power.  Perhaps they couldn't get to the Internet and they power cycled the sonicwall and didn't wait the recommended 15+ seconds before applying power.
0
 
LVL 6

Expert Comment

by:Cas Krist
ID: 33612027
When you start from scratch, you might as well put in the latest firmware again (when you are in safemode). This helped me in the past two times.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33612202
True...forgot to mention that.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33623677
So, what was the answer?  Appears you selected an answer to get it off your list.  Thanks for the clarification.
0

Featured Post

Ready to trade in that old firewall?

Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question