Cannot login to SonicWall remotely to configure whitelist.

[thecomputerguy]

I have a client whom I've never met but helped a few times remotely. He is being blocked from going to certain webpages by a SonicWall firewall configured by a previous tech who no longer in the industry and very difficult or impossible to contact.

The first hurdle was to figure out what the IP address was which I was able to do after awhile by scanning the LAN for IP addresses. Once I found the IP I still was not able to login because it looks like the default web management port was changed from 80 to some other port. I tried using a port scanner on that local IP and the only open port it came up with was 22 which also did not work.

I told him that if the default port was changed then chances are the default login was changed also so even if I had the port I still most likely wouldn't be able to login.

He asked me what I would do moving forward with this situation and I said I would probably come onsite and reset the SonicWall and deal with whatever issues arose from that (configuring the static WAN IP and whatever else). He said OK lets do that and I said well you are WELL out of my range and for me to come out that would be extremely expensive (he's 2 hours away). I wouldn't even accept the job for less than $1000 (which I didn't tell him) and even then I would have a hard time committing an entire day to travel that far there and back.

Any ideas? He's going to try and contact the old tech for now.

 

[oldtech]

What model Sonicwall? Out of curiosity what did you use to scan the network and did you scan the entire port range? If it is a firewall/router/gateway combo, ipconfig on any one of the pc's attached would provide the actual gateway address which should have the gui running on 80 or 443. Also maybe this article will help. http://www.brandontek.com/sonicwall/feeling-locked-out-reset-web-access-via-cli/

 

[BlackLabTechs]

Probably stupid question but did you try https://<ip address> ??

 

[thecomputerguy]

What model Sonicwall? Out of curiosity what did you use to scan the network and did you scan the entire port range? If it is a firewall/router/gateway combo, ipconfig on any one of the pc's attached would provide the actual gateway address which should have the gui running on 80 or 443. Also maybe this article will help. http://www.brandontek.com/sonicwall/feeling-locked-out-reset-web-access-via-cli/

I used this to scan for all IP's on the network (wasn't sure if it was in fact the gateway): http://angryip.org/

Then once I ruled out all other IP's (there was only like 5 total) I used this: www.advanced-ip-scanner.com/

And scanned everything from 0-9999

I also tried port 80 and 443 in IE and Chrome

 

[thecomputerguy]

Probably stupid question but did you try https://<ip address> ??

No I didn't ... I'll try that thanks for the tip

 

[Markverhyden]

Port 22 is for ssh. Did you try that? You need to use something like putty. And if you have physical access you can just use the console port.

 

[nlinecomputers]

Replace it or hard reset it. You'll spend way to much time trying to crack the code only to have to do that anyway.

 

[YeOldeStonecat]

Launch the browsers from his server....the prior tech likely used the servers browser to admin/manage the sonicewall. Start typing in the LAN IP of the SW..and the cache should populate....revealing the port. 8443 is popular if an alternate from 443 is needed (typically we don't leave firewalls on default 443 on the WAN side because other services such as OWA/RWW/TSGateway us that/those ports).

Also if he's using Sonicwalls wireless....access from wireless may be disabled.

 

[thecomputerguy]

Launch the browsers from his server....the prior tech likely used the servers browser to admin/manage the sonicewall. Start typing in the LAN IP of the SW..and the cache should populate....revealing the port. 8443 is popular if an alternate from 443 is needed (typically we don't leave firewalls on default 443 on the WAN side because other services such as OWA/RWW/TSGateway us that/those ports).

Also if he's using Sonicwalls wireless....access from wireless may be disabled.

I did do it from the server and the server is hard wired. Both with IE and Chrome, neither of which even auto-populated the IP of the Sonicwall, so obviously no port either.

 

[thecomputerguy]

Replace it or hard reset it. You'll spend way to much time trying to crack the code only to have to do that anyway.

I agree with you on that but he wants me to do it and I don't want to drive 2 hours away, maybe for the right price ... like I said $1000 I'll drive out there for an easy 1 hour job.

 

[TAPtech]

for 5 devices... just install your remote support program on his computer and then have him hard reset the device. Make sure your remote support is on a hard wired computer. Before doing that... explain to him if something goes wrong you'll need to charge BIG MONEY to get out there!!

 

[YeOldeStonecat]

for 5 devices... just install your remote support program on his computer and then have him hard reset the device. Make sure your remote support is on a hard wired computer. Before doing that... explain to him if something goes wrong you'll need to charge BIG MONEY to get out there!!

Sling a computer on a 4G connection...cuz once he resets that Sonicwall...whatever he installed his remote access on will now be severed...cuz the Sonicwall lost its WAN setup (and LAN if not default).

Then Sonicwalls have that oddball static subnet their LAN side is set to (do new ones still do that?)...have to set a secondary IP to whatever device he's drilled into...so hit the default Sonicwall LAN IP, log in, and begin configuring it.
(I love that Windows secondary IP thing...so helpful!...you can be on a 192.168.1.xxx IP and then configure a second IP range, like 10.1.1.xxx..and hit up devices on that network).

 

[TAPtech]

Oh, major derp on my part. They do not default to a DHCP WAN and LAN setup? I must admit I have not setup a SonicWALL for probably 6-9 months now.

 

[YeOldeStonecat]

Oh, major derp on my part. They do not default to a DHCP WAN and LAN setup? I must admit I have not setup a SonicWALL for probably 6-9 months now.

Dunno what the clients internet pipe is..might be static, or PPPoE...plus the LAN side of the Sonic may be off so even if DHCP...connection would still be severed to the LAN cuz gateway IP different than network. (like what if the network is a 10.50.1.xxx and the sonicwall defaults to 192.168.168.168)

 

[TAPtech]

Yeah I'm just now reading that post about having a server. Would cause some major issues just hard resetting it, depending on the environment. Bad post on my part.

I've been in situations like this before, and usually if the owner calls the previous guy and demands the login info, they can get it. They just need to leave a very angry voicemail and demand that the information is emailed or text messaged to them ASAP as they are losing business time. Typically the "missing" guy will turn up in the form of text/email. Who knows though, maybe the guy got hit by a bus.

Otherwise you would need to hard reset. Even if you can find the alternate port, like you mentioned, you won't have the admin login/password. Sounds like an onsite job.

 

[Markverhyden]

Oh, major derp on my part. They do not default to a DHCP WAN and LAN setup? I must admit I have not setup a SonicWALL for probably 6-9 months now.

Don't know about Sonicwalls but all of the other business grade, real routers have zero configs when defaulted. So you either need a console cable or a LAN computer manually configured IP. Of course the WAN config is off/blank so you need another Internet connection to remote in as @YeOldeStonecat said. And, come to think of it, you may not be able to use a web browser to configure the router since the networking is tied to the 4G card. You could use a console connection though.

 

[TAPtech]

Not the case on the USG series that I've been using lately. They default to DHCP WAN / DHCP LAN. Anyhow, I should insert foot into mouth for commenting on a router I am clearly not as familiar with as I thought.

But the 4G comment gave me a thought... maybe he can use his phone as a hotspot. If he has a laptop he can connect to the phone wirelessly and plug into the router with a cable. That would do the trick.

 

[nlinecomputers]

If this unit was setup by a tech that has gone awol I wouldn't trust how it was setup anyway. God knows if it has a backdoor in the thing and there are too many settings to have to look over. Also who owns it? The company? It is registered on MySonicWall to the previous tech or to the owner? Too much BS to have to go through.

 

[thecomputerguy]

Yeah he's got a static IP and I wouldn't know what to expect after it was reset so I wont be doing that remotely. The only thing I can expect is once it is reset any remote connection option is gone and he's down until I can somehow walk him through configuring a device I've never seen before nor do I know what the web GUI looks like. This is a job for an onsite tech.

 

[TAPtech]

If it's too far for you, see if you can find a Technibbler nearby that can help out!