56
SONICWALL SONICOS STANDARD 3.0 ADMINISTRATOR’S GUIDE
C
HAPTER
8:
Performing Diagnostic Tests and Restarting the SonicWALL Security Appliance
To 204.71.200.74 / 80 (02:00:cf:58:d3:6a)
The SonicWALL security appliance receives SYN from LAN client.
2
TCP sent on WAN [SYN]
From 207.88.211.116 / 1937 (00:40:10:0c:01:4e)
To 204.71.200.74 / 80 (02:00:cf:58:d3:6a)
The SonicWALL security appliance forwards SYN from LAN client to remote host.
3
TCP received on WAN [SYN,ACK]
From 204.71.200.74 / 80 (02:00:cf:58:d3:6a)
To 207.88.211.116 / 1937 (00:40:10:0c:01:4e)
The SonicWALL security appliance receives SYN,ACK from remote host.
4
TCP sent on LAN [SYN,ACK]
From 204.71.200.74 / 80 (02:00:cf:58:d3:6a)
To 192.168.168.158 / 1282 (00:a0:4b:05:96:4a)
The SonicWALL security appliance forwards SYN,ACK to LAN client.
5
TCP received on LAN [ACK]
From 192.168.168.158 / 1282 (00:a0:4b:05:96:4a)
To 204.71.200.74 / 80 (02:00:cf:58:d3:6a)
Client sends a final ACK, and waits for start of data transfer.
6
TCP sent on WAN [ACK]
From 207.88.211.116 / 1937 (00:40:10:0c:01:4e
To 204.71.200.74 / 80 (02:00:cf:58:d3:6a)
The SonicWALL security appliance forwards the client ACK to the remote host and waits for the data
transfer to begin.
When using packet traces to isolate network connectivity problems, look for the location where the
three-way handshake is breaking down. This helps to determine if the problem resides with the
SonicWALL security appliance configuration, or if there is a problem on the Internet.
Select Packet Trace from the Diagnostic tool menu.
9Tip: Packet Trace requires an IP address. The SonicWALL security appliance DNS Name Lookup
tool can be used to find the IP address of a host.
7
Enter the IP address of the remote host in the Trace on IP address field, and click Start. You
must enter an IP address in the Trace on IP address field; do not enter a host name, such as
“www.yahoo.com”. The Trace is off turns from red to green with Trace Active displayed.
8
Contact the remote host using an IP application such as Web, FTP, or Telnet.
9
Click Refresh and the packet trace information is displayed.
10
Click Stop to terminate the packet trace, and Reset to clear the results.
The Captured Packets table displays the packet number and the content of the packet, for instance,
ARP Request send on WAN 42 bytes.
Select a packet in the Captured Packets table to display packet details. Packet details include the
packet number, time, content, source of the IP address, and the IP address destination.