Our SonicWall Firewall Is Restarting Automatically
jvpangan17
Newbie ✭
Hi Everyone,
I'm new to SonicWall and currently facing an issue with our firewall. It has been repeatedly restarting automatically, even though we haven't made any configurations. This problem started on September 27 and continues to persist. Any possible solutions or recommendations would be greatly appreciated. Thank you in advance!
Category: High End Firewalls
Tagged:
0
Answers
Device, OS version ?????
@jvpangan17 Model and Firmware release would be nice to know, this helps if it's a known issue fixed already on the way. Are the reboots random or usually at the same time?
—Michael@BWC
open ticket.
extract techSupport report
find "reboot"
I have similary problems:
"09/28/2024 17:07:54.416Reboot due to task suspension09/28/2024 17:07:54.416Task Trace tWebMain11:
tWebMain11 810d07c8 de67b910 5 STOP+I 81870070 de678590 ad0003 0
Stack trace of tWebMain11:
0x8010c1b0 -> 0x8010d160
0x8010d1d0 -> 0x81878bf8
0x81878c30 -> 0x81877fb0
0x81878b54 -> 0x81870068
0x81870070
Up: 1 d, 3:41:20"
support solutions → upgrade firmware
Hello @jvpangan17, have you reviewed this PSIRT advisory that was published on 8/22?
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015
Model : NSA 5600
Firmware Version : SonicOS Enhanced 6.5.4.8-89n
Our licensed was expired however the management want to know first the root cause to them to justify. And we already told them that the possible root cause is due to unlicensed. Is it possible to avail only the Support and Professional Service?
not yet will check it. Thanks
random reboot, sometimes in the midnight around 11PM-2AM and sometime in the morning around 7AM-12AM
@jvpangan17 that sounds like a dilemma, not having a current support does not help in that case. Maybe @Community Manager has access to the Release Notes since 6.5.4.8, I have only access to 6.5.4.13 and 6.5.4.15 and there was nothing reboot related mentioned in there.
But it might be related to the fixed vulnerabilities regarding remote access. Your appliance is at risk if it is available somehow from the Internet by VPN etc.
—Michael@BWC
This is unlikely - it's possible that Sonicwall "accidentally" a bug to encourage you to buy licenses but this would be pretty underhanded behaviour.
The more likely explanation is the SSLVPN vulnerability; tWebMain is [I believe] responsible for handling SSLVPN connections. So the answer is to pay for service and update the firmware.
Noted @BWC and @Arkwright. Thank you so much for the insight and recommendation.
Hi @BWC and @Arkwright ,
Good Day!
We've been seeing the message log "Failed to resolve name," and shortly after this log appears, the SonicWall firewall automatically reboots within a 10-20 minute interval.