Obtaining diagnostic Logs/data from console cable connection when Firewall is freezing/locking
03/26/2020 511 9891
Technical support engineers at SonicWALL require console logs to be provided for analysis when the device isn't responding via GUI or through any LAN/WAN interfaces . When the firewall locks up or becomes unresponsive there are some files, if gathered from firewall console at the time it locks up, that can help a support engineer find the probable root cause of the reported issue.
This article explains what commands should be used when a firewall locks up or becomes inaccessible via the GUI.
This article will use Putty client to gather key information over SSH connection.
- Log in to SonicWALL Firewall via Putty or another terminal emulator program.
- To save the console output to a file browse to Session | logging.
- Select option All session output under Session logging and locate a path for file to be saved as .txt.
- Select the radio button Always append to the end of it and ensure Flush log file frequently box is unchecked.
- Click on the session from the left hand side and type the IP address of the SonicWall under Host name and ensure SSH is selected under "Connection Type"
- Serial connection type should be selected if Firewall is connected via a console cable connection.
- Click on the Open to connect to the appliance via SSH and wait for username prompt, enter username/password and wait for the command line prompt to appear.
Up to 5.8.x
NOTE: On a serial 115k connection, show tech-support command can slow down the firewall so if firewall is taking time to print a command output then avoid running this command, and contact the SonicWall Support Team for further assistance.
- show tracelog current
- show tracelog last
- show tracelog all
- show tech-support
- show cpu (search for the process and see which process has highest cpu usage)
- stacktrace process_name (replace process_name with the name of the process that is overloading the CPU, i.e. stacktrace zNSM) - Please run the above command for 10 to 15 times
- show mem-pools
- show memory
- show memzone
- show fpa
- show log.
To export Tech Support Report For 5.9.x and 6.2.x firmware versions
To export Tech Support Report For 6.5.x.x firmware versions
1.type show cli pager to get the pager config status
admin@abcdefgh> show cli pager
cli pager default
cli pager session
2.if it shows as above you need to provide 'no cli pager session' to disable pager first then
admin@abcdefgh> no cli pager session
admin@abcdefgh> show tech-support
For 5.9.x.x,6.2.x.x and 6.5.x.x firmware versions
- diag show tracelog current
- diag show tracelog last
- diag show tracelog all
- diag show cpu
- diag show process process_name (replace process_name with the name of the process that is overloading the CPU, i.e. stacktrace zNSM) - Please run the above command for 10 to 15 times
- diag show mem-pools
- diag show cp-stats
- diag show memory
- diag show memzone
- diag show fpa
- show log view (for 5.9.x)
- diag show log (for 6.X)
Attach the file which was saved for saving the console output to the support case for analysis.