Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Website Access Issue - SonicWall TZ400W (Firmware: SonicOS Enhanced 6.5.4.14-109n) - Packets Dropped

Hello SonicWall Community,

I'm experiencing an issue where devices on our LAN and WLAN networks are unable to access a few specific websites. These websites are hosted with CrazyDomains. Here are the details:

Steps Taken:

  1. Firewall Rule Check:
    • There are no firewall rules blocking the traffic. Outbound packets are leaving our network, but we are not receiving any reply packets.
  2. Traceroute Findings:
    • A traceroute reveals that packets are going out but getting dropped after reaching IP 101.0.127.197, which is outside our network.
  3. Contacted Hosting Provider (CrazyDomains):
    • We contacted CrazyDomains, and they confirmed that the issue is not on their side. The websites are accessible from any other network, and they confirmed that our IP is not blocked.
  4. Bypassing the Firewall:
    • When we bypass the SonicWall TZ400W firewall (running firmware version SonicOS Enhanced 6.5.4.14-109n) by directly connecting the WAN cable to a PC, the websites can be accessed without any issues.

Request:

I’m seeking assistance to understand why the packets are getting dropped after a specific IP and what might be causing this issue within the SonicWall firewall, particularly for the websites hosted with CrazyDomains. Any insights or suggestions on how to troubleshoot or resolve this problem would be greatly appreciated.

Thank you in advance for your help!

Category: Entry Level Firewalls
Reply

Answers

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    You are missing some important tests and information.

    Does the traceroute drop out at the same place when the PC is directly connected to your ISP? Tracert drops are fairly normal when connecting to hosting providers as their internal routing for redundancy becomes irrelevant to the public internet.

    Do you have a static IP from your ISP? If its dynamic, does your firewall receive a different IP address and subnet than the PC? I have seen bad routing tables cause drops like you are describing because different devices receive completely different IPs and subnets from the same ISP, and some of the subnets arent properly advertised to the public internet.

    Hope that helps.

  • ChatshaChatsha Newbie ✭

    Hi @TKWITS

    Thank you for your response and suggestions.

    I performed the traceroute test by directly connecting the PC to our ISP, bypassing the firewall. The traceroute still drops after the same IP (101.0.127.197). However, when connected directly, the traceroute picks up again after a few drops and eventually reaches the destination.

    When using the SonicWall firewall, the traceroute does not pick up after the drop, which seems to indicate that the issue might be related to the firewall handling this specific route.

    To clarify, we are using a static IP from Telstra, so there shouldn't be any variability in IP or subnet assignments.

    I appreciate any further insights you might have on this. Thanks again for your help!

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    At this point either swap in a different Sonicwall with the same config, or factory reset and reconfigure the existing Sonicwall, and re-test.

Sign In or Register to comment.