Introduction

Troubleshooting is a fact of life in computer networking, and SonicWALL security appliances offer a selection of tools to assist with troubleshooting network access. This chapter covers different ways to track the status of packets going through the firewall.

When dealing with firewalls, it is important to remember that they often change the content of the packets going through them. It is our task to keep track of the changes and make sure they are what we intended. Most firewalls perform four main functions: packet forwarding, stateful filtering, address translation, and encryption. We tackle each of these functions differently. Troubleshooting packet forwarding can be as easy as inspecting the routing table. Address translation may require looking at a log of the traffic. Troubleshooting encryption may require analysis of a detailed packet dump. SonicWALL appliances offer specific troubleshooting tools built into the SonicOS firmware. Commands such as ping, traceroute, and find network path can help with simple connectivity troubleshooting. More advanced tools allow you to view active processes, active connections, and CPU use, to name a few.

Remember that every firewall issue is resolvable, and there is a reason behind every decision the firewall makes. We begin by looking at the process a packet undergoes as it makes its way through the firewall. Next, we review the different tools available for troubleshooting. After that, we discuss troubleshooting methods for VPNs (virtual private networks) and traffic shaping. Finally, we cover the logs the firewall creates to help us...