Press J to jump to the feed. Press question mark to learn the rest of the keyboard shortcuts
2

Any tools to easily view Sonicwall configs?

Looking to start fresh on a Sonicwall instead of re-importing the same config that has been around for many generations. Does any one know of a tool that will allow me to easily view the Sonicwall config files in an easily readable format?

I was able to convert the exp file to a text readable format, but the names and structure of the file is so convoluted that it's impossible to use as a reference as I re-build.

4 comments
75% Upvoted
What are your thoughts? Log in or Sign uplog insign up
level 1
I like graphs2 points · 3 months ago

I was able to convert the exp file to a text readable format, but the names and structure of the file is so convoluted that it's impossible to use as a reference as I re-build.

I had the same issue when I had to rebuild some configs and attempted the same thing. I gave up on the text config diffing. You might have some luck with CLI get commands for objects, but honestly doing it via the GUI is probably going to end up being faster unless you have a ton of units to upgrade/convert and you can justify investing the effort into creating a more automated process.

I'd normally delete all unreferenced objects, and any NAT or Access rules without any traffic hits first. Then I'd look over the configs/objects/rules for: Interface, Address Objects, Service Objects, Routes, NAT, Access Rules, Log Settings, Admin settings, and finally User/LDAP config. After that I'd dive into the security suite and look over any App-Rules, IDS, GAV, etc policies they might have. Most of the time, all of the security suite was just enabled without any customization.

Unless you have a really convoluted setup, manually going through the GUI isn't that time consuming.

level 2
Original Poster1 point · 3 months ago

I pulled the config via ssh and, if printed, it would be nearly 800 pages. And that is with me cleaning it up. The EXP file is even longer.

When I was reviewing it earlier, I noticed a lot of un-referenced items and zero hits. This is with a gross amount of up time so I'm certain it will be safe to refer to each as unused.

The config is convoluted but GUI looks like my best shot. yay...

Thanks for your input!

level 1
Network Engineer1 point · 3 months ago

I wrote a tool a while back to back-up the configs to all of our deployed SonicWALLs to a cloud service. It parsed the EXP and put it in a more IOS-like syntax (text file).

Let me see if I can find the code. Of course, it still lies with my previous employer, so I give it a 50/50 chance as to whether I can recover it or not.

level 2
CompTIA A+2 points · 3 months ago

I wold be interested in the tool too.

Community Details

131k

Subscribers

1.1k

Online

###Enterprise Networking Routers, switches and firewalls. Network blogs, news and network management articles. Cisco, Juniper, Brocade and more all welcome.

Create Post
r/networking Rules
1.
Rule #1: No Home Networking.
2.
Rule #2: No Certification Brain Dumps / Cheating.
3.
Rule #3: No BlogSpam / Traffic re-direction.
4.
Rule #4: No Low Quality Posts.
5.
Rule #5: No Early Career Advice.
6.
Rule #6: Educational Questions must show effort.
Cookies help us deliver our Services. By using our Services or clicking I agree, you agree to our use of cookies. Learn More.