Useful third party tools for troubleshooting the SonicWall.

03/26/2020 10 13940

DESCRIPTION:
Useful third party tools for troubleshooting the SonicWall.

RESOLUTION:

Problem Definition:

What tools would be useful in troubleshooting the SonicWall before calling support?

Resolution or Workaround:

Network/Port Scanning: Scanning the network for servers, workstations, printers, and all other network devices. See what ports are open on what IP's on the network.

 Nmap - Network Mapper: Netmap provides a GUI interface Zenmap which allows the user to type in a network like 192.168.0.1/24 to get a general overview of their network. Some useful scan types include "Quick Scan" and "Intense Scan". For more information and to download please go to http://www.nmap.org/download.html.

SonicWall interface access: SSH and Telnet are needed to login to the SonicWall when web GUI access is down.

 PuTTY - PuTTY is a free to use Telnet and SSH client which allows remote access to networking devices with SSH/Telnet enabled. The tool is CLI (Command Line Interface) so it is recommended to only be used if you're experienced or familiar in that kind of environment. For more information and to download please go to http://www.putty.org

Server/Workstation packet captures: The packet capture tool built into the SonicWall (System > Packet Monitor) can only monitor traffic reaching the SonicWall so a workstation/server level capture might be needed for troubleshooting to determine if it is a non-SonicWall issue.
 

 Wireshark - Wireshark is a free to use packet capture tool that includes a GUI for ease of use. The tool will capture all traffic at the network interface card of the machine it is installed on allowing for people to see if the workstation/server is the issue and not the SonicWall. For more information and to download please go to http://www.wireshark.org.

Vulnerability assessment: A proper vulnerability assessment is necessary to ensure that any information system is secure and should be performed many times a year.

 Retina Community - Retina Community is a free vulnerability management tool that provides a simple interface to test for zero-day vulnerabilities, configuration issues, missing patches, and workstation to server interaction. The free version only allows up to 256 IP's but this can be a powerful tool for testing interoperability with a server/workstation with the SonicWall. For more information and to download please go to http://go.beyondtrust.com/community.

 Armitage - Armitage is a free network vulnerability and exploitation tool that provides an easy to use GUI for the Metasploit framework. Armitage can be used to test the effectiveness of the firewall access rules, IPS, GAV, Anti-spyware, and other security functions in the SonicWall. This tool does require reading the getting started   manual but is extremely powerful. For more information and to download please go to http://www.fastandeasyhacking.com.

Connectivity: Having connectivity to other devices is essential for a network and hence the SonicWall to function properly.

 Ping - Ping is the most commonly used connectivity test in use and is standard across Windows, OSX, and Linux. Ping can be accessed via the command prompt, command line, or terminal depending on the operating system.

 Traceroute - Traceroute is used to determine the path to a destination host which also includes the response time to each hop. In Windows the command will be   tracert and for Linux it will be traceroute. In example tracert 8.8.8.8 will show the route to that IP address

 Pathping - Pathping is the combination of ping and traceroute. In example pathping google.com.


DNS: When typing in a URL in your browser and the FQDN does not resolve correctly a simple lookup will be needed to determine if the DNS server is the issue.

 Nslookup - The Nslookup command allows for a simple FQDN to IP address translation to quickly determine if the DNS server is resolving correctly.