SonicOS 7 Stable? Lots of Problems with NSA4700 SonicOS 7.0.1-5023
Good day and happy new year together. I hope you have a healthy 2022, not only in terms of Corona, but also in terms of the ever-growing number of security vulnerabilities.
We changed our Sonicwall firewall cluster from an NSa 4600 to an NSa 4700 in the summer of 2021. This was accompanied by an upgrade to SonicOS 7, which brought a lot of difficulties with it.
When activating the Stateful HA, the primary Sonicwall forgot its configuration. When activating the GEO IP Security Option, the entire Internet went down.
These are all fatal errors in our eyes.
But we need to move forward here. We also want to enable security features like DPI-SSL, GEO-IP, Botnet Filter, App Control. But we don't dare to do it, because we don't know how the firewall will react.
Currently we have installed the firmware SonicOS 7.0.1-5023-R1828.
Firmware 7.0.1-5030 is currently available.
Do you also have problems with the new SonicOS 7? Can we install the firmware? Hopefully it is more stable than the previous one.
Answers
Hi,
First, I am not familiar with v7.
But I had a similar issue on an nsa3650 with v6 with the initial config. And it turned out that I was affected by a rare ROMPACK issue.
I got a new ROMPACK version from Support and installed it. Afterwards the Sonicwall didn't get stuck or lose its config.
Maybe you can ask Support if there is a known issue with ROMPACK?
EDIT:
Found release notes:
- Fixes DTS 222852 : NSA 3650 : An error says the firmware image missing after Firewall Restarted automatically (Many Customers)
I upgraded to the latest patch in early November. I have an NSA3700. I have all security features turned on: DPI-SSL, CaptureATP, GAV, IDS, Anti-Spyware, Botnet, GEO-IP, MAC-IP Filtering, the works. What has happened since then is every 20 days, my firewall loses connectivity to the outside/inside world. What I mean is my Internet drops, but also my internal LAN PCs no longer see the firewall either. The first time it happened I didn't know the cause - Internet was working - we have 2 connections, cable modem and fiber. We rebooted the Sonicwall and the switches; eventually, once booted up, all service resumed...for 20 days...when it happened again.
When this happened the 3rd time, I thought something else was the issue but the reality now is probably that the Sonicwall did not complete its startup and when up it was fine.
The 4th time it happened, I didn't reboot because the cable modem connection was still working and called Sonicwall - that was this Wednesday. They remoted in and took a look. They confirmed that something was wrong but could not pinpoint it. Was instructed to do a hard reset, which it never recovered from. They RMA'd a new one which I was going to install this Sunday, but now with the Reboot Loop problem I think I will hold off. I'm currently band-aided with a TZ500 at the moment.
I was going to install on Sunday but not give it the latest firmware in case that was the problem and didn't want to reintroduce that again.
I have a brand new TZ-670, upgraded to the newest firmware. I thought I was on some psycho drugs as settings just disappeared and I had to re-enter them. Today the remote users could not get in; the SSL VPN client LAN settings disappeared. I fixed it and everyone can get in, but all the virtual office RDP connections (I have 14) have disappeared from the management portal. The users can still see them and they can connect now, but I can't change the settings or even see the links.
It's working but I don't want to touch it to try and resolve the issue.
Opened a support case.
Bit late here, but I've been watching these NSa3700s for about 18 months, and am also having issues. Not the same ones, and I have no real resolution, but instead, just a comment on what seems to be a serious decline in overall quality. I have 3 of these, connected via VPN tunnels, which SD-WAN uses to connect 3 sites. They regularly drop both connections, even though the WAN connections are different vendors entirely, which seems…unlikely. They generally come back on almost immediately. One of them has started to just freeze, hard, with the fan blowing at max RPMs, zero traffic, no connectivity of any sort. Hard reset, everything comes back normal, and Sonicwall has no information on what is going on despite reviewing every log or diagnostic tool on the firewall. I think they are sending me a replacement for that, which is good, and will get me through, but my faith is gone. Granted, a 2700 isn't a hugely high-end tool, but it should reliably stay up for months, without any issues. All my firmwares are fully up to date, in pursuit of a solution to the random SD-WAN/VPN drops. No help.
I've read about and tested the comparable Fortinet, and hopefully these will limp home for the duration of my service contract, but then I'm shifting over. The costs are comparable, and the feedback on Fortinet online is nearly unanimously very good. I don't want to have to drive to a site on a Thursday night at 11pm to push the power button on a supposedly enterprise-grade piece of hardware every couple of months. Clinching this for me has been tales from peers outside of my company who have had similar problems of a random nature, all of which paints a picture of a product that just…isn't very good anymore. Sad to say it, because after many years I'm very familiar with them and will have to re-learn everything. But hey…maybe that'll be fun.
I have some time left with these, though. I suppose if they right the ship I'll stay the course. If I pull a firmware update that stops the random drops, and I don't have any more locking-up problems, and the feedback out there in the world changes, I guess we'll just see. If I had to decide today, I'd move to Fortinet.