Feeling locked out? Reset web access via CLI.

| Friday, February 4th, 2011 | 1 Comment »

SonicWALL isn’t known for their CLI, and why would you really want to use it when you can easily administer the firewall from its web interface! Having access to the CLI can come in handy if you, for whatever reason, locked yourself out from web access. I will show you how you can reset/enable the web access below.

First, I want to show you that you have indeed locked yourself out from the WAN interface. Say, you’re trying to remote in and the firewall isn’t letting you.

SonicWALL interface admin

SonicWALL interface admin

Pay close attention to the mode on this screen on the top right hand corner. Currently I am in configuration mode, which means I have full access to make changes to the firewall. The only other mode is non-config, which is for viewing only. I’ll get into this more later.

Go ahead and click the configure button to access your X1 interface info.

SonicWALL interface mgmt

SonicWALL interface mgmt

What you’ll see here is that the X1 interface(WAN interface) does not have HTTP or HTTPS enabled for web management. Luckily though we have SSH enabled. So now you can easily SSH into your SonicWALL or, if you have physical access, you can console into the firewall.

SonicWALL CLI Login

SonicWALL CLI Login

For anyone that has never consoled into a SonicWALL before, well here it is! Here’s what it looks like!

Ok, so first we want to check the status of the X1(WAN) interface.

SonicWALL CLI X1 Interface

SonicWALL CLI X1 Interface

Notice that both http and https mgmt are disabled. You only need to enable one of them to have access to the firewall remotely.

Let’s go into configuration mode so we can make the changes.

SonicWALL CLI Config Mode

SonicWALL CLI Config Mode

Notice what’s happening here. It’s asking if I want to preempt the admin from “192.168.168.62”. The SonicWALL firewall’s only allow you to be in configuration mode at one time. Whether that is from SSH, Web or Console! So I go ahead and kick off the admin and take control of the firewall.

SonicWALL X1 Web Enable

SonicWALL X1 Web Enable

Enabling access to the X1(WAN) interface is very easy with just this one simple command!

Now let’s verify that the changes have been made.

SonicWALL X1 Web Enabled

SonicWALL X1 Web Enabled

Notice that HTTP MGMT is now enabled! HTTPS has not been enabled because we did not issue “https” in our command above.

Now let’s go back to the web interface and confirm that it is indeed enabled!

SonicWALL Interface MGMT

SonicWALL Interface MGMT

Remember I asked you earlier to pay attention to the top right hand corner? Notice how it has changed to Non-config mode! Also, remember what I said, only one type of access can have configuration mode. We took over configuration mode in our CLI session. So the web interface now indicates our change in status.
Now go ahead and click on configure button for the X1(WAN) interface so we can confirm HTTP access.

HTTP MGMT Confirmation

HTTP MGMT Confirmation

So there it is! Double confirmation! Once from the CLI and another from the Web interface!

Please let me know if you have any questions or comments!

Share