Sonicwall NSA 2400 Review

Upgrading from a Sonicwall Pro 2040 Enhanced

I recently had the opportunity to use the new Sonicwall NSA 2400. The Sonicwall name has been around for a while, known for making low-to-mid level network firewalls with available security service options. In the past I had used a Sonicwall Pro 2040 with the enhanced firmware – providing IDS/IPS, gateway antivirus, gateway antispyware and content filtering in addition to the firewall function. This new Sonicwall NSA 2400 was going to replace the Pro in a production environment.

The unit arrived Fed-Ex, in good shape. Sonicwall seems to double box their products, and then cushion the device in a layer of protective foam. The kit included the NSA 2400, a console cable, some ethernet cables, a power cord and documentation. Rack mount ears are also included- interestingly enough, these are a different hole pattern than past Sonicwall devices I have encountered. The NSA 2400 was preloaded with SonicOS Enhanced from the factory. Continue reading “Sonicwall NSA 2400 Review”

Sonicwall Licensing Synchronization Failure Codes

The following entry appears in the Sonicwall log file:

‘The SonicWALL Security Services on your SonicWALL appliance have failed to synchronize license information with the SonicWALL Licensing Server’. This is followed by a failure code in parenthesis (100x)

1000 – Unspecified error. If you receive this error repeatedly, contact SonicWALL technical support.

1001 – DNS resolution failed. Check DNS configuration settings and the availability of the currently configured DNS server.

1004 – Internal firmware error. If you receive this error repeatedly, contact SonicWALL technical support.

1005 – Failed to initialize a list of Root certificates. Check that time and date are correctly set on the SonicWALL appliance. Also check if NTP functions properly.

1006 – Failed to connect to SonicWALL License Manager server over HTTPS (SSL). Check that time and date are correctly set to the unit. Also check if NTP functions properly. Also check network connectivity to the outside locations. This may be a sporadic entry based on availability of the licensing server.

1007 – There was a problem receiving a response from the SonicWALL License Manager server. This error is temporary. If this error appears during a registration failure, you should try registering again.

1008 – Current SonicWALL appliance has invalid or illegal registration. All licensing has been reset.

Windows Updates and WSUS will not work through SonicWall firewall

When accessing Windows update through a SonicWall firewall, Windows Update or WSUS may fail to download updates. The event log entry may look something like this:

Description: Content file download failed. Reason: The server does not support the necessary HTTP protocol. Background Intelligent Transfer Service (BITS) requires that the server support the Range protocol header

This is caused by the default settings for the gateway antivirus service enabled on the Sonicwall.

To get around this issue, you need to access the hidden diagnostic page in the SonicWall managament site. To get there, log on to your SonicWall and then replace the trailing “main.html” in the URL with “diag.html” and hit enter. On this page, you need to adjust the settings on the following two items:

enable FTP ‘REST’ requests with Gateway AV
enable HTTP Byte-Range requests with Gateway AV

Updates should now flow through the SonicWall.