Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


TZ-370W default config spewing unsolicited messages out its WAN port

B83B83 Newbie ✭

My factory configured TZ-370W is spewing messages out its WAN port targeting '', 'google user content', and who knows what else at a rate of about 5 per second.

Its an internal firewall without Internet access and floods its surrounding devices & logs with noise. I don't like any device trying to contact external entities without explicit permission to do so .
My other (non-SonicWall) firewalls do not do this and are quiet on the network.
Is there a way I can make this TZ-370W stop this behavior?
I appreciate any helpful guidance. Thank you.

Category: Mid Range Firewalls

Best Answer

  • Options
    BWCBWC Cybersecurity Overlord ✭✭✭
    Answer ✓

    @B83 the Firewall isn't doing it by itself, you could check the TSR if there is any occurence of which gives you a hint where it's used. If it's not in the TSR then it must be generated externally, which you can find with a Packet Monitor looking for

    My best guess would be that the DNS is configured to, but I bet you checked this already.



  • Options
    B83B83 Newbie ✭

    "..but I bet you checked this already." don't bet on me on this kind of stuff! I did look, but obviously not like you experts would have. Your comment launched a more detailed search and indeed, is the third default DNS of the TZ-370W. I learned more about this firewall, thanks. And packet details, too. It is not the TZ-370W. We proved that by removing it from the network & connecting its WAN port to a recorder..clean! Thanks very much BWC!

  • Options
    B83B83 Newbie ✭

    I apparently spoke too soon. This morning unsolicited messages were again coming out of the TZ-370W at a rate of 1 per second.
    Here is a random sample:
    ... name = name = name =
    WiFi disabled.
    No cables, except WAN (X1) to recorder.

    With the cable removed we get zero messages.
    With the cable installed we get 1 message per second from the TZ-370 WAN (X1) port.

    I am not a network expert by any stretch, so I hope someone else with a TZ-370W can
    replicate these conditions & see if this is not something Im goofing up (highly likely).
    If real I would like to know how to shut it off, that's for sure.
    Thanks everyone! have a good day

Sign In or Register to comment.