SonicWALL Comprehensive Internet Security
Consulting Services



How To Buy
Channel Partners
International Sites
Search TipsSitemap

Your product must be registered before you can install new firmware.

SonicWALL Firmware Release Notes

SonicWALL Firmware Release Notes Version (11/14/2001)
Firmware version is available for SonicWALL SOHO, Telecommuter, DMZ and Plus Internet security appliances.

New Features and Enhancements:

  • The percent sign (%) is now an allowed character in any user configurable field.
  • TFTP LAN clients behind the firewall are now supported.
  • This firmware fully supports H.323 traffic between Polycom products through the SonicWALL.

Bug Fixes:

  • A bug which caused incompatibility with new T-DSL PPPoE services was fixed.
  • Several issues related to the DHCP client feature were fixed.
  • A PPTP LAN client login problem was fixed.
  • A bug which caused RealAudio/Video UDP streaming to fail was fixed.

To Update Your Firmware
If you are using a firmware version later than 5.1.0, you can take advantage of our new simplified AutoUpdate process. Log on to your SonicWALL, click the General button on the left side of the browser window, and then click the Status tab at the top of the window. Click the Update Firmware Now button to launch the Firmware Download Wizard which will guide you through the update process.

If you are using a firmware version prior to 5.1.0, download the firmware here before you log on to your SonicWALL. Click the Tools button on the left side of the browser window, and then click the Firmware tab at the top of the window. Click the Upload Firmware Now button and follow the on-screen instructions.

Firmware upgrades require your SonicWALL to be registered before the installation can proceed. The information you supply will be used for registration purposes only and will not be given to any third party, as outlined in the SonicWALL Privacy Policy.

Version (4/30/2001)
Firmware version is available for SonicWALL SOHO, Telecommuter, DMZ and Plus Internet security appliances.

New Features and Enhancements:
  • To provide compatibility with more ISP's, the PPPoE username and password can now contain up to 63 characters.
Bug Fixes:
  • A bug which caused cache full errors was fixed.
  • Multicast packets will no longer be cached.
  • A bug which caused automatically created rules to be lost upon a restore to factory defaults was fixed.

Version 5.1.1 (11/16/2000)

New Features and Enhancements:
  • Firmware Version 5.1.1 supports the new SonicWALL SOHO2, TELE2 and XPRS2 (see for more information). These new models provide a ten fold performance increase and superior scalability for your future security needs.
Bug Fixes:

In some cases with firmware version 5.1.0, the SonicWALL DHCP client can take up to 10 minutes to obtain an IP address from a DHCP server on the WAN. This issue has been resolved.

Version 5.1.0 (10/26/2000)

New Release Focus:
  • This firmware supports the initial release of SonicWALL High Availability, which is a new standard feature on the SonicWALL PRO-VX and an optional upgrade on the SonicWALL PRO. High Availability eliminates network downtime by enabling the use of a backup SonicWALL for failover.
New Features and Enhancements:
  • A new download wizard has been added to simplify the firmware update process. The wizard will be launched in the next firmware release (after 5.1.0) if the "Notify me when new firmware is available" checkbox is selected on the Tools/Firmware page. Please see the 5.1.0 Addendum to the Users Guide for additional information.
  • Services can now be defined using ranges of ports.
  • Multiple subnets can now be accessed through VPN tunnels.
  • Network Anti-Virus subscribers can filter E-mail attachments passing through the SonicWALL based on file extension.
  • Individual rules can now be edited and disabled. Rules can also be enforced by time of day.
  • A restart is no longer required after adding, deleting or changing rules.
  • The installation wizard has been enhanced to auto detect PPPoE and DHCP servers.
  • Fragmented IPSEC and PPTP packets can now pass through the SonicWALL.
  • WINS server addresses can now be assigned to LAN clients by the SonicWALL DHCP Server.
  • Hyperlinks displayed in the log now provide definitions of attacks.
  • A PPPoE inactivity time-out has been added.
  • The date can now be displayed in an International format (DD/MM/YYYY).
  • The Syslog Individual Event Rate feature enables control over the time period between similar events being reported to the syslog.
  • Napster is now a pre-defined service.
  • The current status of DHCP leases are now shown on the DHCP/Status page.
Bug Fixes:
  • A bug was fixed which caused PPPoE sessions to be disconnected.
  • A bug was fixed which caused the DHCP server to assign invalid leases to LAN users.
  • Problems were resolved which caused fragmented PPTP and IPSec packets to break the VPN tunnel.
  • A bug was fixed which prevented Stealth mode from working in standard mode.
  • The format for e-mails sent by SonicWALL was modified to comply with RFC 822.

Version 5.0.2 (8/17/2000)

New Features and Enhancements:
  • A free trial for SonicWALL Network Anti-Virus is now available for registered SonicWALL customers. After upgrading to 5.0.2 firmware, go to the Anti-Virus/Summary page and select the free trial link.
  • A stealth mode option on the Access/Services page allows inbound packets to be dropped rather than responding with a closed port.
Bug Fixes:
  • A bug that caused problems with FTP downloads was fixed.
  • Support for the latest RealPlayer was enhanced.
  • A default value for SA lifetimes of 86,400 seconds (24 hours) is now displayed in the user interface.
  • A bug which prevented Proxy Servers on the DMZ port was fixed.

Version 5.0.1 (7/19/2000)

New Features and Enhancements:
  • None
Bug Fixes:
  • Problems associated with upgrading from previous firmware versions were fixed.
  • A bug which wouldn't allow more than two outbound PPTP sessions at one time was fixed.
  • A bug was fixed which caused intermittent PPTP connections to be dropped.
  • A bug which caused the SGMS behind NAT Device checkbox to not work was fixed.
  • A bug was fixed that would not allow the NAT Device IP Address on the Access/Management screen to be configured.
  • Added a virus description to the SonicWALL Network Anti-Virus alert message.
  • A bug which, in rare cases, caused the SonicWALL to hang temporarily when attempting to assign IP licenses to clients was fixed.

Version 5.0.0 (6/19/2000)

New Release Focus:
  • The new SonicWALL Network Anti-Virus subscription extends the functionality of your SonicWALL Internet security appliance. SonicWALL Network Anti-Virus adds industry leading virus protection that is automatically installed, monitored and updated to all PCs on your network. More information on Network Anti- Virus is available at
New Features and Enhancements:
  • New firmware supports initial releases of SonicWALL Network Anti-Virus (see above), SonicWALL PRO-VX high performance VPN gateway and SonicWALL SOHO Telecommuter.
  • The SonicWALL product family now supports PPPoE allowing use with any DSL service.
  • ICQ 2000 tested and confirmed to work with SonicWALL products.
  • Added RADIUS and XAUTH support for VPN client authentication using external RADIUS server.
  • 3DES encryption is now supported across the entire SonicWALL product family.
  • Security association (SA) lifetimes are now configurable.
  • Added renegotiate button on VPN/Configure page which forces renegotiation of box to box VPN tunnels.
  • IKE public LAN server address now automatically changes when SonicWALL LAN IP address changes.
  • Allow remote clients checkbox removed from VPN/Configure page. Multiple remote clients now allowed automatically when entered in IPSec gateway address field.
  • Added ability to allow multiple VPN Clients to work from behind the SonicWALL with VPN enabled or disabled.
  • Security association (SA) names on VPN/Summary page now provide hyperlink to VPN/Configure page.
  • Maximum number of VPN security associations (SAs) for SonicWALL SOHO and DMZ increased to 10 SAs.
  • Remote LAN subnets of active VPN tunnels now displayed on VPN/ Summary page to display VPN tunnel status.
  • Packet trace tool on Tools/Diagnostic page now traces IPSec packets. Useful for debugging manual key VPN tunnels.
  • Added a Firewall Name field to Log/Log Settings page. This field is added to the subject line of log and alert e-mails.
  • The SonicWALL no longer requires a restart when it acquires a new IP address using NAT with DHCP client or NAT with PPPoE.
  • An alert is now sent whenever the SonicWALL WAN IP address is changed when using either NAT with DHCP client or NAT with PPPoE.
  • Moved DHCP logging and alerting to Network Debug category from System Errors category.
Bug Fixes:
  • Bug which caused false IP spoof logging and alerting was fixed.
  • Fixed bug which did not allow PPTP unless using One-to-One NAT.
  • Bug which caused FTP download failures was fixed.
  • Bug which affected DHCP server reliability has been fixed.
  • Bug in the proxy relay feature introduced in firmware version 4.2.0 has been fixed.
  • Now validate network connection inactivity time-out field on Access/Services page and proxy web server port field on Advanced/ Proxy Relay page.
  • Bug with importing a preferences file in firmware version 4.2.1p2 has been fixed.
  • Bug which caused the SonicWALL to reboot after obtaining a dynamic IP address for the first time has been fixed.
  • Bug which caused multiple new firmware notifications to be sent has been fixed.
  • Addressed incompatibility between SonicWALL web interface and Macintosh Internet Explorer 5.0.
  • Bugs in Japanese firmware GUI which prevented some parameters from being updated have been fixed.
  • Bug which prevented 3DES encryption from working with IKE has been fixed.
  • Bug in firmware version 4.2.1p2 that created an invalid IKE public LAN server and interfered with VPN client connections has been fixed.

Version 4.1.1 (4/03/2000)

New Features and Enhancements:
  • This firmware adds support for the new SonicWALL XPRS product.
  • Support for IKE negotiation with the new SonicWALL VPN client 3.02 has been added.
Bug Fixes:
  • None

Version 4.1.0 (1/26/2000)

New Features and Enhancements:
  • The SonicWALL product family now supports WebTrends for Firewalls and VPNs for more comprehensive reporting.
  • New filtering options have been added for content filter list expiration. Reliability improvements have also been made in the list download process.
  • An administrator inactivity time-out field and administrator logout button have been added.
  • IP addresses on the LAN can be denied Internet access to avoid using SonicWALL node licenses.
  • An option has been added to restore firewall rules to defaults.
  • SonicWALL will now automatically clear ISP router ARP cache at power up to eliminate Internet access delays in some cases.
Bug Fixes:
  • A bug which prevented use of the DMZ port in some hardware versions has been fixed.
  • Several bugs which contributed to hanging in some cases have been addressed.
  • A proxy forwarding bug has been fixed.
  • A bug causing PPTP connections to be dropped has been fixed.
  • The correct error message is now displayed when the user time-out is set for less than 5 minutes.
  • FTP downloads have been improved for Japanese customers.
  • A bug preventing IPSEC pass through has been fixed.
  • User license violations will no longer be caused by PPTP and AOL client software leaking IP addresses onto the LAN.
  • The "Site Blocked" message and keyword list are now updated immediately with no restart required.

Version 4.0.3 (11/22/99)

  • Internet Key Exchange (IKE) service and an IKE rule are now added automatically when an IPSec Security Association (SA) is created.
  • An intermittent problem with user access to the web management interface was fixed.
  • DHCP server static entries are now compatible with a wider array of DHCP clients.
  • A problem with the "shutdown when log overflows" log settings option has been fixed.
  • Minor bugs associated with preferences importing have been fixed.

Version 4.0.2 (11/10/99)
  • This is an OEM release only.

Version 4.0.1 (11/3/99)
  • In some cases on SonicWALL products with the content filter list loaded, users have lost access to the web management interface. This problem has been fixed.
  • IPSec security association (SA) import problem has been fixed.
  • Network Time Protocol (NTP) daylight savings time bug in some time zones has been fixed.

Version 4.0.0 (10/27/99)

New Features:
  • VPN now supports Internet Key Exchange (IKE) for automatic protocol negotiation and key exchange for IPSec VPN.
  • New installation wizard provides step-by-step instructions to simplify initial installation and configuration.
  • Support of H.323, ITU standard for real-time multimedia communications, enables applications such as Microsoft NetMeeting.
  • Support of QuickTime 4.0, an application for streaming multimedia such as video clips.
  • Network Time Protocol (NTP) support provides simple and accurate method for setting time. Includes Coordinated Universal Time (UTC) support to enable tracking of hacker attacks across multiple sites.
  • Can now use either DNS names or IP addresses for SMTP, SYSLOG and HTTP proxy servers
  • DNS servers can now be automatically propagated from DHCP client to DHCP server when both are enabled.
  • Support for up to three (3) DNS servers on General/Network page.
  • Support of Windows 2000 PPTP clients on the LAN.
  • Additional attack detection heuristics enable detection of wider variety of attacks.
Bug Fixes:
  • Trusted domains now override keyword blocking correctly.
  • Bug in GUI with deleting services has been fixed.
  • Interoperability problems between SonicWALL DHCP client and some DHCP servers have been fixed.
  • Bug in NAT with UNIX Traceroute has been fixed.
Other Changes:
  • Name references and logos changed to reflect company name change from Sonic Systems, Inc. to SonicWALL, Inc.

Version 3.4.0 (7/20/99)

New Features:
  • Firewall pass through for multiple PPTP clients and supported IPSec clients added.
  • IPSec LAN-to-LAN VPN now supported when one SonicWALL is running in "NAT with DHCP Client" mode.
Bug Fixes:
  • Bug with number of allowed rules and rule deletion has been corrected.
  • Traceroute tool now works when NAT is inactive.
  • Automatic Proxy Relay now supports proxy servers located on the DMZ.
  • One-to-One NAT now supports servers located behind routers on the LAN.
  • Syslog bug on SonicWALL PRO has been corrected.
  • DHCP lease renewal bug fixed.
  • DHCP lease requests no longer request 1 hour; instead, the lease time sent by the server is used.
  • Page loop when the Consent page is set as the default page for Web browsers has been corrected.
  • Computers behind internal LAN routers (routers on the LAN segment of the SonicWALL) are now able to access the WAN when NAT is enabled.

Version 3.3.1 (6/17/99)
  • ARP Problem fixed. This fixes a bug which appeared on some bridged networks (such as Orckit DSL modems and WavePath wireless) which caused loss of network connectivity after 15-30 minutes. Users of firmware 3.10 should upgrade to this version.
  • Problem with FTP transfers of multiple files was fixed. In some cases, MGET requests would cause the connection to be reset.
  • For classic SonicWALL boxes (SonicWALL 10/50/Plus/DMZ), an issue with SonicWALL PRO VPN interoperability was fixed. This only existed with the ARCFour algorithm.

Version 3.3.0 (5/17/99)
  • SonicWALL PRO release. .

Version 3.2.1 (4/2/99)

NOTE: If Tech Support has specifically asked you to use firmware 3.10, or if you are using 3.10 with an Orckit DSL modem, then do not upgrade to 3.21. A future firmware release will address this issue.
  • Fixed bug that caused SonicWALL to intermittently hang on networks with transmission problems.
  • Optimized DES code to do 500Kbps (was 240Kbps).
  • Improved Checkpoint/NAT/IPSec compatibility.
  • Fixed bug in VPN "allow remote client" feature.

Version 3.2.0 (3/2/99)

New Features:
  • Time-of-day restriction: Content filtering can now be applied during certain times of day and days of week.
  • Consent features: users can be redirected to a "consent" page before accessing the Internet, and can be given the option of being filtered or not being filtered.
Bug Fixes:
  • DHCP client host field now exported properly; this bug caused problems renewing DHCP leases.
  • Upgrade keys now exported properly: VPN and other upgrade keys were previously not restored after saving and restoring preferences.
  • Spurious "SonicWALL has been deactivated because the log is full" message was replaced with accurate message: "SonicWALL has been deactivated because it cannot obtain a valid DHCP client lease from the server".
  • Some changes made to FTP implementation which improve behavior when clients are communicating with unreliable servers.
  • Excessive E-mail messages reading "The cache is full" have been limited to one per minute MAXIMUM instead of many per second.

Version 3.1.1 (1/5/99)

NOTE: Due to export restrictions, the firmware image on the FTP site does not include VPN. If you already installed and activated the VPN software, do not install this file or you will lose VPN functionality. You will receive the VPN upgrade via E-mail.
  • Fixed an ARP bug which could cause connectivity problems with routers on the WAN or LAN

Version 3.1.0 (12/15/98)
  • Added one-to-one NAT.
  • Fixed IE4 problem with Java classes not loading.
  • Diagnostic tools are in the main GUI now.
  • Added DHCP hostname field.
  • Modified ARP bridging mechanism to work better with DSL/cable bridges.
  • Made DHCP server more compatible with Microsoft clients by null terminating strings.
  • Fixed bug where logging for services couldn't be disabled when NAT was on.
  • Fixed Consent bug where patrons were seeing pages requested by Previous patrons.

Version 3.0.1 (11/10/98)
  • First VPN release with manually keyed IPSec, ARC-4 and DES.
  • Changed upgrade key mechanism to map a key to one feature instead of a group of features.
  • Fixed bug where Web access with long URLs (e.g. Yahoo maps) was getting blocked.
  • Enabled advanced features in all units.
  • Improved log handling under heavy usage.

Version 2.0.4 (10/14/98)

It is highly recommended that anyone using SonicWALL for content filtration (with the Content Filter List) upgrade to 2.0.4.
  • Improved Content Filter List blocking so that a higher percentage of sites will be blocked.
  • Fixed a bug in Keyword blocking which prevented correct blocking in filenames over 85 characters.
  • Changed blocking code to work better on networks with unusual configurations for their remote subnets.

Version 2.0.3 (9/25/98)
  • Fixed bug which caused crashes when WAN nodes ARP on 0 (this showed up on cable modem networks)
  • Fixed bug which caused problems when DHCP server was configured to serve more than 255 addresses.
  • Fixed bug with Content Filter List newsgroup blocking.
  • Fixed problem which made it impossible to reach the Web Interface when the box is misconfigured.

Version 2.0.1 (9/15/98)

**Preferences will be wiped out; make sure you save your preferences.

This Version represents a major feature upgrade.

Some new features include:
  • Network Access Rules - adds the extra functionality of a traditional packet filter; allows extremely fine-grained control over network traffic based on IP address and port.
  • Transparent Proxy Relay - all Web traffic can be routed through third-party caching proxy servers for enhanced performance.
  • Proxy Blocking - Web access through external proxy servers can be blocked; this prevents bypassing of Content Filtration features.
  • Syslog- log messages can be directed to an external third-party Syslog server for more detailed and real-time info.
  • Session Time-out - now configurable. This can be used to prevent sessions from being timed out too quickly due to inactivity.
  • Log by service - log messages pertaining to specific services (such as "auth") can be disabled.

Version 1.8.1 (7/20/98)
  • Fixed bug in upgrade page. .

Version 1.8.0 (7/13/98)
  • Changed product name from Interpol to SonicWALL.
  • Fixed bug where subnet mask for each route wasn't initialized.
  • Fixed bug where UDP packets that were dropped were logged as TCP ( with NAT on).
  • Fixed bug where Public LAN servers weren't being exported.

Version 1.7.0 (6/26/98)
  • DHCP client and server.
  • PPTP passthrough.
  • Firmware update notification can be automatically E-mailed.
  • Cleaned up log and formatted it in a table.
  • Microsoft Internet Explorer v3/4 support for prefs downloading.
  • Outbound sequence number randomization.
  • Digital progress indicator for Content Filter List downloads
  • Added subnet mask option for each static route entry.
  • Fixed Year 2000 leap year bug.
IMPORTANT NOTE: Version 1.7 adds the ability to define a subnet mask for each route. After 1.7 is installed and the preferences file is imported, the subnet mask for any defined routes is set to Make sure you manually update this setting to the correct value.
Version 1.6.0 (4/16/98)

**Preferences will be wiped out; make sure you save your preferences so that you can restore them after upgrading (see note at the top of this page).
  • Customizable Public LAN Servers - allow new access rules into your LAN.
  • Log Categories - choose what will be logged, and what will generate alerts
  • Fixed problem with clock; product now fully Year 2000 compliant.
  • Fixed X-Windows HTML code in log-in screen.
  • Fixed problem with delay starting up Web Site Hits reporting in obscure cases

Version 1.5.0 (3/19/98)

**Preferences will be wiped out; make sure you save your preferences so that you can restore them after upgrading (see note at the top of this page).

Feature Upgrade:

Intranet support
  • Internet usage reports
  • Cookie blocking
  • Keyword URL scanning
  • Expanded DMZ list and route table
  • Trusted and forbidden web domains
  • "Allow Only" web blocking

Version 1.0.11 (2/23/98)
  • Changed Content Filter List downloading mechanism so that it loads from the new subscription server (

Version 1.0.10 not released
Version 1.0.9 (1/27/98)

**Preferences will be wiped out; make sure you save your preferences so that you can restore them after upgrading (see note at the top of this page).
  • Content Filter List downloads now unconditionally time out after 2 minutes.
  • Added Lotus Notes Public LAN server.
  • Removed some unnecessary Javascript dialogs which were causing problems with International browsers.

Version 1.0.8 (1/5/98)
  • Added ICMP redirect code so that LAN can point to Interpol and still talk to other subnets on LAN.
  • Check for DMZ-LAN spoof attack.
  • Fixed E-mail client bug so that headers are RFC compliant (used to fail with Eudora server)

  • Fixed problem with Content Filter List downloading interfering with other traffic.

Version 1.0.7 (12/15/97)
  • Fixed ARP bug where Interpol could fail to contact WAN router (when NAT was on and the Interpol Web address was in a different subnet than the router).
  • Show that we support LAND Attack prevention in GUI (the feature itself has been there since 1.0).

Version 1.0.6 (12/8/97)
  • Fixed memory leak with Content Filter List preparation.

Version 1.0.5 (11/21/97)
  • Check management IP address/mask before it's set for invalid value. This bug caused Interpol to become unreachable.
  • Fixed bug involving interaction of newsgroup blocking and Open Transport.
  • Added Java security applet for X-Windows users.

Version 1.0.4 not released
Version 1.0.3 (10/30/97)
  • Fixed Content Filter List download bug.
  • Fixed ARP bug where Ethernet address changes are now recognized.
  • Fixed authentication memory bug.

Version 1.0.2 (10/24/97)
  • Fixed SYN attack prevention bug.
  • Added login messages when Java/JavaScript are disabled.

Version 1.0.1 (10/22/97)
  • Fixed Content Filter List processing bug.
  • Fixed deadlock bug.
  • Fixed NNTP log only bug.
  • Fixed export prefs from Macintosh bug.

Version 1.0 (10/11/97)
  • Initial release.
"Today I installed my first SonicWALL and was very excited and impressed with the outcome. I was able to connect a 10 PC LAN in 1 hour with your product. I even tried to 'hack' the firewall and was unable to get a glitch while the log picked up the threat and reported it. I am convinced that your product is one of the most exciting I have seen in the past 3 years and my customers will be getting a lot of recommendations from me for your product. Thank you for an outstanding product!!"

Shawn Tooley

Home | Products | Applications | Markets | Services | How to Buy | Channel Partners | Company

Comprehensive Internet Security ® 2003 SonicWALL, Inc. | Privacy Statement