How can I login to the appliance using the Command Line Interface (CLI)?

Description

SonicWall UTM appliances provide support for command line interface (CLI) commands to monitor and manage the device.

NOTE: Only one session at a time can configure the SonicWall, whether the session is on the GUI or the CLI (serial console). For instance, if a CLI session goes to the config level, it will ask you if you want to preempt an administrator who is at config level in the GUI or CLI session.

The SonicWall CLI currently uses the administrator’s password to obtain access. SonicWall devices are shipped with a default password of password.

Cause

You may need to use the CLI for the following reasons:

  • GUI is not accessible/freeze (hang)
  • Configure BGP Protocol
  • Apply some changes that can be made only by CLI
  • Export some diagnostic files

Resolution

  1. Console connection:
    Step 1: Attach the included null modem cable to the appliance port marked CONSOLE. Attach the other end of the null modem cable to a serial port on the configuring computer.
    N.B. You may use an adapter DB9 Male to USB if you don't have any PC with the serial Port.

    Image

    Image
    When the connection is established, log in to the security appliance:
  • At the User: prompt enter the Admin’s username. Only the admin user will be able to login from the CLI. The default Admin username is admin. The default can be changed.
  • At the Password: prompt, enter the Admin’s password. If an invalid or mismatched username or password is entered, the CLI prompt will return to User:, and a “CLI administrator login denied due to bad credentials” error message will be logged. There is no lockout facility on the CLI.

 


Step 2: Launch any terminal emulation application that communicates with the serial port connected to the appliance (PuTTY, TeraTerm Pro, SecureCRT, HyperTerminal, etc.)

  • Use these settings: 
  • COM1
  • 115,200 baud
  • 8 data bits
  • no parity
  • stop bit
  • no flow control


2. SSH on interface:
If SSH is enabled on the interface, you can use the PuTTY or any similar Terminal software to log in to the device. In some cases of high CPU utilization, even this will hang on you.
Then follow Step 2 from the above example to log in.


You may find helpful the following KBs:

How to Make a Console Cable

How to export SonicWall UTM console logs to a file

How to Generate TSR (Tech Support Report) from CLI (Command Line Interface)

How to obtain diagnostic Logs/data from console cable connection when Firewall is freezing/locking

How to restart SonicWall from GUI as well as CLI

How To Put the SonicWall into Safe Mode

How to configure web-management using CLI on SonicOS 5.9

How to create Static route using Command Line Interface

Creating Address Objects and Groups in Command-Line Interface

How to check the memory usage of the SonicWall UTM appliance using the Command Line Interface

How to open Standard port to a server using CLI

How To Disable Client Certificate Check via CLI

Delete all User Groups from LDAP via CLI

How To Check Peak Connections from CLI


Related Articles

  • TOTP based two-factor authentication for management by Admin user using SonicOS API
    Read More
  • Two-factor authentication using TOTP for Management by User with admin privileges
    Read More
  • How do I configure Two-factor authentication for the Admin login with TOTP?
    Read More

Categories

Firewalls
TZ Series
Command Line Interface - CLI
Firewalls
NSa Series
Command Line Interface
Firewalls
NSv Series
Command Line Interface
not finding your answers?
Ask the Community
was this article helpful?
YesNo