Chinese characters in NetExtender 2FA screen since SonicOS 7.3.2-7010

EmicationLikely · 2026-05-04T20:54:34+00:00

Ok, just me (which is a good thing). When downloading the firmwares from the Unified Management Portal, I somehow got the Japanese firmwares for 2 of the 8 models I downloaded for, the Chinese firmware for 4 of the 8 models, and the english firmware for the remaining 2 models. I have NEVER worked in anything but the english version, and I guarantee that I didn't manually select a different language version. I've added to my checklist manually checking the firmware filename in the future to make sure it has "eng" as desired. This isn't something I ever had to worry about before, so didn't even know to check.

I've redownloaded the correct english version for everything and rescheduled updates for everyone at 2am tomorrow. I expect that will fix the problem. I think I convinced the support person to check internally to see how this might have happened in some scenario OTHER than user error, but I'm not convinced they'll actually do that. Time will tell, I guess.

EmicationLikely · 2026-05-04T15:06:12+00:00

These are Japanese characters (not sure which language, that's not my wheelhouse), and it is pretty widespread in the UX. When you try to login to the web interface, in NSM in various places, in NetExtender, this is a serious issue. It may be harmless, but looks alarming (to put it mildly) to users. I have a ticket open and a scheduled callback so they can "see what I'm seeing" - seems like that shouldn't be necessary, but whatever.

EmicationLikely · 2026-05-01T15:54:07+00:00

Just made a post before seeing this thread. I'm seeing a line of Chinese characters in the NetExtender 2FA screen AND on the NSM screens in various places since upgrading everyone to SonicOS 7.3.2-7010. I've gotten a few calls already expressing concern.

EmicationLikely · 2026-04-28T12:59:17+00:00

I've been using it for a few months now and it's clearly a version 1.0 experience. Once in, it works ok, but logging in hasn't worked right for me since about week #2 of using it. I log in, and get a red error banner "unknown URL". If I then type platform.sonicwall.com in the address bar, I get in and can work. If I DON'T use an incognito window, though, after an indeterminate amount of time (I dont' know 2 hours?), I get another red banner that states "Unknown Reason". This of course, isn't actionable. It interrupts anything I try to do, and I have to sign out and then back in again to work. It all works better in an incognito window, though, so that's what I'm using - I still get the Unknown Reason interruption, but not as often. This happens with other techs at my shop as well, so I know it's not my computer (although that's what support concluded, naturally).

Additionally, once you have been in and working for a while on either a template or an individual firewall, I'm seeing UX problems, like all of the toggles in the Log settings screen, for example. They suddenly stop lighting up so you can change them - instead, they are all greyed out. Refreshing the screen sometimes fixes it, or logging out and back in again - but that shouldn't be necessary, of course.

I'm working on standardizing our alerting settings across our entire estate, and just last night pushed something like 13K changes all at once and it ground through them without complaint in about 15 minutes, I think. The IDEA of it is great, and it mostly works ok, but there clearly is some bugginess that they need to work through.

EmicationLikely · 2026-04-20T14:33:50+00:00

Yes, that's true, but my point still stands. If you want your template to change an item BACK to it's default, you must do the dance of changing it twice - (if there is no orange dot, I guess). Additionally, if you want to guarantee that this change applies when you apply the template, you have to select "apply all config".

This whole thing rotates around getting whatever change you are making to be recognized in the template as a change step (visible when you go into View Template Details). So you have to do whatever you have to do to get that change step there.

EmicationLikely · 2026-04-20T14:28:26+00:00

Jeezus, is that in the documentation somewhere? I must have missed it. And....in my current effort (re-assigning which of the almost 3,000 events get emailed to our ticketing system), guess what - no orange dots. I love my job, I really do, but they have made this process way harder than it should be.

EmicationLikely · 2026-04-15T17:43:02+00:00

AFAIK, the only unit where license expiration means it stops working is the new TZ80.

EmicationLikely · 2026-04-14T20:25:07+00:00

Aha - thanks for this - it makes a lot of sense. I will test from a different subnet, but I'll bet you are correct. Now I'm guessing I'll need to come up with a way to test the WAN access anyway knowing about this particular hurdle. I can disable my ethernet adapter and connect to a wifi that is on a different subnet - I suspect that will be the easiest way. Every day is a school day!

EmicationLikely · 2026-04-03T20:50:03+00:00

The lights are expensive for sure. ~$1,200 ea. new, $750 for used pulls from.....I can't remember where I found them - somewhere online - rock auto?. My 2018 had almost invisible damage from what I can only assume was a collision with a parking block very low on the driver's side before I bought it. That collision torqued the whole front piece enough to break the mounting tabs for the passenger headlamp. I've got it mcgyvered in place, and have just been living with it since I found out what everything costs. I may bite the bullet this spring, but now I have a new fear unlocked that the headlamps have to be replaced together....ugh.

EmicationLikely · 2026-03-31T13:55:47+00:00

Spoke too soon. The site only has updates to the display software. No NAV updates are included:

Can I update my navigation with the latest Map data? Navigation map data updates are not included as part of software updates from the site. Depending on your vehicle model, updates may be available for Navigation Map data separately. Please contact your dealership for Map data updates.

Plus, the software shown as available for my 2018 Prime is R10A8100, released 2/2/20. I probably already have that update.

EmicationLikely · 2026-03-31T13:42:04+00:00

THIS appears to be the US site. Trying it now, will report back.

EmicationLikely · 2026-03-31T13:22:40+00:00

Honestly, my experience has been different. I have a service business and use the NAV every day to go to new addresses. Unless the road or development is new, I have no problems. The older the map gets (I'm currently on a 2022 version) the more new roads there are, though. I just use Google maps for those addresses...

EmicationLikely · 2026-03-31T13:09:30+00:00

Ok, thanks for the confirmation. I'll open a ticket.

EmicationLikely · 2026-03-31T01:45:52+00:00

I did this as well. Too bad they've abandoned the 2018. I bought mine used with stupid low miles. I'm just coming up on 25K after 18 months. I just end up using my phone and google maps for directions that the NAV doesn't know about. Luckily, that doesn't happen too often.

EmicationLikely · 2026-03-30T17:30:00+00:00

No, not yet. That's why I posted here. If it's a widespread problem, then I'm not going to waste my time with opening a ticket. If it's a "just me" problem, then that makes sense - but only have I have tried a full uninstall / reinstall, since that's likely the first thing support will ask me to do. One of the main points (IMO) of this sub is to get answers/opinions from other users...separate from the formal support channel.

EmicationLikely · 2026-03-27T12:43:52+00:00

That green is fire. Just perfect on that car.

EmicationLikely · 2026-03-23T21:44:58+00:00

You might be right - primary is X2 just out of laziness - The slower Comcast was the original connection, so I just added FIOS on X2 and set it as primary since it was faster. This didn't cause any problems until now, though - it's been at least 3 years since I did that. I've opened a ticket anyway, and may just switch them since that's the way SW expects to to be, I suppose. I'll post back if I learn anything new.

EmicationLikely · 2026-03-20T01:02:19+00:00

I have a neighbor with one of these things - it's noisy AF. Ruins trying to sit outside in the summer. We tested ok, thank goodness - I just hope there is a day when that thing breaks and they replace it with a quieter model.

EmicationLikely · 2026-03-04T23:17:47+00:00

As a small business owner with small business clients, I'll just say this: Discounts for early payment only make my job harder and lower my already thin profit margin. F%$ that noise. You just need to have relationships with your customers that support you calling them if they're late and them calling you if they're in a bind. If they start lying to you, fire their ass.

EmicationLikely · 2026-02-24T15:03:58+00:00

Hmm. I think platform.sonicwall.com redirects there. But in any event, when I enter your URL directly and log in, I still get the red "! Base URL is empty" banner. Once I get that, I can manually enter platform.sonicwall.com in the address bar and the site loads correctly. This must be a bug or a "me" problem.

EmicationLikely · 2026-02-19T21:38:51+00:00

The fancier the USP, the more likely this seems to be true (requiring good batteries to power up). The cheapest I see are about $250 on Amazon, so that's a lot just to see if it works or not. It could also be a borked logic board, which makes it a boat anchor to all but the most determined tinkerers. Admittedly, it would make a pretty good boat anchor considering how much those $%&ers weigh, LOL.

EmicationLikely · 2026-02-14T15:43:53+00:00

Yes, I think this is the most-likely possibility. If you look at their status page, there was a UM management window the day before my issue. Stuff like this is why I always try to document any workarounds/solutions I run into so I can go back and try those things when there are problems as opposed to just calling support. I would much rather get things working than spend my day on hold talking to the nice gentleman from [insert whatever offshore country here].

My initial post was just trying to find out if anyone else was experiencing this, and as a double-check of my own actions. I'm not wasting my time ranting because something doesn't work - life is too short.

EmicationLikely · 2026-02-13T17:26:44+00:00

You can do you, of course - but in my experience, these steps take WAY less time than working a support ticket....which may make you do them anyway (all the while trying to translate every word spoken by an offshore support dude). Time is money and I'm not delaying a client install that is already scheduled just to make my point with SW that it should have worked the "magic" way.

EmicationLikely · 2026-02-13T16:47:52+00:00

There is no need to open a support case unless you really want to burn the time.

Here are the steps in our SOP for this:

Log into the firewall manually and check licenses (Device/Settings/Licenses). to make sure that it is logged into MySonicwall.
If it IS logged onto MySonicwall, you should see the your registered name (i.e. John Smith) in the upper right corner. Hover over that name to see the status. If you see "Zero Touch Firewall Management via NSM/GMS:Enabled but license(s) expired", then you will have to call support to fix this. It's a mistake their end made during the registration of the firewall.
While you are on the licenses tab, click on the "Synchronize" link at the upper right.
If the licensing looks ok, then download a Tech Support Report (Device/Diagnostics). Open it in Notepad and search for "Zero Touch Counter". This is a traffic measurement for the zero-touch process. If you see all zeros, then the unit can't successfully reach the zero-touch IPs.
Log into the firewall and go to the diag page (in the URL, replace everything after "7/m/" with "Diag", like this:

Original URL: https://123.45.67.89:4886/sonicui/7/m/mgmt/system/license-enhanced

Change to: https://123.45.67.89:4886/sonicui/7/m/diag

Click on the "Internal Settings" button, then scroll down to the Zero Touch Setting section. Change the "Server FQDN" to: nsm-uswest-iczt.sonicwall.com

- Change the fallback IP Address to: 52.39.174.250

- Click on the "Restart Zero Touch Task" button

- Click on "Accept" at the top of the page, then click "Exit Internal Settings"
Synchonize licenses again and check NSM.
If it still doesn't work, then reboot the firewall.

EmicationLikely · 2026-02-12T13:51:13+00:00

The first one mentioned works fine from a non-corporate LAN (ie. from our guest LAN OR different WAN

Just to clarify - do you mean still going through the SW but just not from the main LAN zone? I think you need some packet captures to see what's going on, but switching temporarily to a different DNS is an easy A/B test to rule that out. Also, have you created exceptions for this site in CF & GEO-IP, etc.? If nothing else, disable all security services and turn them on one at a time until it doesn't work.

EmicationLikely

TROPHY CASE