• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1144
  • Last Modified:

Sonicwall conversion from standard to enhanced

I have a PRO 2040 Standard (firmware: SonicOS Standard and I just purchased a Sonicwall NSA 3500 Enhanced (firmware: SonicOS Enhanced I have used the Sonicwall Configuration Converter (https://convert.global.sonicwall.com/). After converting the configuration I did receive a few notes indicating that:
1. Transparent mode on WAN->DMZ enabled but no network ranges defined!
     VPN GroupVPN will use SiteA as local IKE ID

     VPN SiteB will use SiteA as local IKE ID

     VPN SiteC will use SiteA as local IKE ID

This is fine, from what I can tell and the response that I have been given from Sonicwall is that it is only indicating what is will use for the loal IKE ID for each of my satellite locations. Can anyone that has seen this issue in the past verify?

2. My second issue is before uploading the converted configuration I was able to access the web interface through X0, but after uploading the converted configuration I am unable to login through the web interface. When consoled into the NSA 3500 I am able to verify:

http mgmt          on
https mgmt        on
ssh mgmt          on
ping mgmt         on
snmp mgmt       on
http user login   on
https user login on

Has anyone had problems access X0 from the web interface? I am also not able to ping the interface. If I configure X4 via console I am able to login through the web interface from X4.

Thank You,
  • 2
1 Solution
If you're running Transparent Mode on the NSA3500, then you can only access the management interface from the LAN side via HTTPS. Can you SSH from the LAN (X0) side?
TermEchoAuthor Commented:
Packetguy: I have not tried to ssh into X0, but I am unable to access it via http or https. I will try SSH.
amatson78Sr. Security EngineerCommented:
The Sonicwall conversion is aketchy at best. It sounds like somewhere along the way something was corrupted and is not allowing you to access the X0 management interface. If you factory reset can you access the management on X0 again. Then re-import and see if it is broken again. While working at Sonicwall TAC I have seen this a number of times with conversions. Normally best recomendation is when going standard to enhanced build from scratch to ensure nothing becomes corrupted. While maybe only management access now it could get worse later in in full production.
TermEchoAuthor Commented:
amatson78: Yes I have found that out. Upgrading from a standard to enhanced OS the converter does seem to be sketchy. Next to setting the device back to defaults, converting the Standard configuration with the Sonicwall Converter, and replacing a few firewall rules that did not carry over I am up and running again.

Thank You
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now