# Sonicwall only boots to safe mode



## gurutech (Apr 23, 2004)

I recently got my hands on a used TZ 170 firewall, and thought I could use it for "training" purposes in order to be able to better configure similar devices for customers, but I am not able to get the device to boot into "normal" mode, even after at least attempting to put it back to factory defaults.

It will only boot into safe mode, and only does this when I press the "reset" button on the back and hold it in while I plug in the power adapter, then release the button. I can get to the default homepage (192.168.168.168) only if I hard-code an IP address on the same subnet to my laptop. I cannot get a DHCP assigned address in safe more, or in normal mode.

I thought the firmware was corrupted, so I downloaded the most recent copy from the Sonicwall website, and I am able to upload it to the device, and it gives me 3 firmware versions to boot from - normal, normal with factory defaults, or normal with "backup" configuration. I've tried all three options, but as soon as it attempts to boot from any of them, it hangs, and I have to manually reboot it.

At this point, it will give out standard 169.254.x.x IP addresses instead of something in the 192.168.168.x range. I've searched online everywhere I can think of but I'm not finding any useful information.

Any suggestions, besides tossing it?


----------



## Elvandil (Aug 1, 2003)

Where you got it may be a clue, but after what you tried, my guess would be "hardware".


----------



## zx10guy (Mar 30, 2008)

I agree with Elvandil. I looks like you did everything correctly. I'm also leaning towards some sort of hardware issue.

As an aside, how did you get the new firmware? Based on my experience with SonicWall, if you don't have existing maintenance in place, you can't download the most current firmware unless the maintenance you did have on that device encompasses the period when that firmware would have been released.


----------



## gurutech (Apr 23, 2004)

zx10guy said:


> As an aside, how did you get the new firmware? Based on my experience with SonicWall, if you don't have existing maintenance in place, you can't download the most current firmware unless the maintenance you did have on that device encompasses the period when that firmware would have been released.


I logged in to mysonicwall.com with my work email address and it let me download from there. I'm trying to get this device working as more of a "personal" firewall (for my home), so I want to keep it on a separate email from my work one.

I'm thinking a hardware issue as well. I took it apart, and noticed some heat marks near the small coin-battery inside. Not saying that has anything to do with it, and none of the internal components are "fried", so who knows....


----------



## Triple6 (Dec 26, 2002)

When you reset the unit, did it take you to the normal safe mode login or to a message that said the firmware was corrupt?


----------



## gurutech (Apr 23, 2004)

It said it was "Safe Mode", and the only thing I could do, other than view the serial #, activation code, etc... (which is also on the bottom of the device), was to upload a .SIG file, or run diagnostics. Diags passed, and when I uploaded a .SIG file, I got three "firmware" options, which was normal, normal/factory, and normal/backup.


----------



## Triple6 (Dec 26, 2002)

I thought, and I can't find this on the SonicWall site or manuals and luckily mine haven't had any issues, that you could erase the firmware(not just the settings) on some of these units by powering on and holding the reset button and that the screen that should come up reports corrupt firmware and only lets you upload a new firmware. But maybe that's on older units.


----------



## Triple6 (Dec 26, 2002)

Here try this: http://www.sonicwall.com/downloads/SW_Gen3_Reset_Procedure.pdf


----------



## gurutech (Apr 23, 2004)

Those are the exact steps I have done, with the exception of the CD (which I don't have), and I used IP address 192.168.168.169 instead of .200.

Maybe I'll try the .200 instead.... And I'll have to see if I have a X-over cable.


----------



## zx10guy (Mar 30, 2008)

Changing your the host IP you're using to connect to the firewall isn't going to change anything.


----------



## gurutech (Apr 23, 2004)

Just tried with a x-over cable and .200 IP address (although I agree it shouldn't matter, as long as I don't use .168).

Only difference now is that the page will refresh and say it can't find the webpage after I tell it to boot with each firmware.

I've downloaded all available firmwares from Sonicwall, none of them work... :-(

Looks like this thing is going in the trash....


----------

