Comments
-
Thanks @jtuckerchug Looks like traffic flow is fine and going through the firewall and back. So traffic is looking fine but you are not seeing any events in the event logs for for things like app control right? Can you check the Zone page to see if app control is enabled? Do you see app control logs for LAN devices?
-
Hi @Maxime_Tremblay , Could you connect a device directly to a firewall interface and test it again?
-
@Florin Could you check your logging level - if its not on inform, please put it on inform and next time it happens, please check the logs again. If the logging level is inform and still there is no log events of the tunnel going down, please contact support as they will need to look deeper into this.
-
Hi @GTC Could you try accessing it from a different device on the same subnet for testing? As well as a different browser. You can also try rebooting the firewall to see if it helps. I would suggest contacting support if it continues to behave like this as well.
-
Hi @Florin Are there any other log entries after the tunnel goes down?
-
Hi @jtuckerchug Lets start with the packet capture, if you set up a capture as follows: Monitor filter tab: Ether: IP IP Type: ICMP Destination: 4.2.2.2 Enable - Enable Bidirectional Address and Port Matching All other check boxes, leave unticked Display filter: Leave fields blank and check all checkboxes at the bottom…
-
Hi @Florin This might be one for Sonicwall support to look deeper into - but i've seen these types of issues when keep alive is enabled on both sides. I saw in your post that you turned it on and off - can you check to make sure at least one side has it enabled and the other side has it disabled?
-
Do you have a recent export of your settings? You might need to boot into safemode and factory reset and re import your settings so you can change the admin password
-
Hi @Max To start troubleshooting this issue, you will want to use the packet monitor on the firewall - this should help give some hints where the issue is
-
Hi @GTC Are you trying to login to an interface where you have logged into it before with the same user/password? Are you logging in from behind the firewall or over a sslvpn/S2S/GVC?
-
Hi @MySuperSonic , The first thing to do is to run a packet capture on the firewall when the issue is happening to see the packet flow as it will give you some hints on whats going on if its at the firewall level
-
Hi @AndyDonovan What version SMA are you using? Are you using AWS or hardware? It looks like an issue with either configuration or permission. Are you also on the latest firmware? if not, could you upgrade and let us know if the issue is still happening?
-
Hi @isoleee If the password is correct - it is odd. Could you try reboot the primary firewall, then the secondary once its back, then see if you can login?