Technical support engineers at SonicWall require console logs to be provided for analysis when the device isn't responding via GUI or through any LAN/WAN interfaces . When the firewall locks up or becomes unresponsive there are some files, if gathered from firewall console at the time it locks up, that can help a support engineer find the probable root cause of the reported issue.
This article explains what commands should be used when a firewall locks up or becomes inaccessible via the GUI.
This article will use Putty client to gather key information over SSH connection.
Log in to SonicWall Firewall via Putty or another terminal emulator program.
To save the console output to a file browse to Session | logging.
Select option All session output under Session logging and locate a path for file to be saved as .txt.
Select the radio button Always append to the end of it and ensure Flush log file frequently box is unchecked.
Click on the session from the left hand side and type the IP address of the SonicWall under Host name and ensure SSH is selected under "Connection Type"
Serial connection type should be selected if Firewall is connected via a console cable connection.
Click on the Open to connect to the appliance via SSH and wait for username prompt, enter username/password and wait for the command line prompt to appear.
For 5.6.0.x firmware and up to 5.8.1.x
show tracelog current show tracelog last show tracelog all show tech-support
Note: On a serial 115k connection, show tech-support command can slow down the firewall so if firewall is taking time to print a command output then avoid running this command, and contact the SonicWall Support Team for further assistance.
show cpu (search for the process and see which process has highest cpu usage )
stacktrace "process name" without " " for example use stacktrace zNSM (Please run the above command for 10 to 15 times)
show mem-pools show memory show memzone show fpa show log.
For 5.9.0.x firmware versions
diag show tracelog current diag show tracelog last diag show tracelog all
diag show cpu diag show process "process name" without " "
(Please run the above command for 10 to 15 times)
?diag show mem-pools diag show cp-stats diag show memory diag show memzone diag show fpa show log view
For 6.1.1.X firmware versions 220.127.116.11 and 6.2.x.x
show tech-support diag show tracelog current diag show tracelog last diag show tracelog all
diag show cpu diag show process "process name" without " " (Please run the above command for 10 to 15 times)
diag show mem-pools diag show cp-stats diag show memory diag show memzone ?diag show fpa
diag show log
Attach the file which was saved for saving the console output to the support case for analysis.