Planning to allow internet access

Hello, I've been running my SBS2000 10-user lan for a while now. We
have no internet access and only 1 nic. It's time to allow access to
the internet so I purchased a SonicWall TZ 170 Firewall with 25 ports.
Can I plug my ADSL modem into the WAN socket of this firewall and plug
my users into the other ports and let it do all the work or do I need
to add a second nic and use the SBS firewall as well?

Thanks for your help / advice.
Mark Gruber

Jeff
Wed May 26 13:04:56 CDT 2004

The best configuration is using ISA and two nics.

You can make it work with one and the firewall you purchased.

Just so you know ISA is very secure, WHEN CONFIGURED CORRECTLY.

Jeff Loucks
Available Technology ®
Solutions For Professionals ®
www.availabletechnology.com



"Mark Gruber" <mark@nospam.com> wrote in message
news:eX58RU0QEHA.3708@TK2MSFTNGP10.phx.gbl...
> Hello, I've been running my SBS2000 10-user lan for a while now. We
> have no internet access and only 1 nic. It's time to allow access to
> the internet so I purchased a SonicWall TZ 170 Firewall with 25 ports.
> Can I plug my ADSL modem into the WAN socket of this firewall and plug
> my users into the other ports and let it do all the work or do I need
> to add a second nic and use the SBS firewall as well?
>
> Thanks for your help / advice.
> Mark Gruber

Dave
Wed May 26 13:05:24 CDT 2004

This is probably a matter of choice, but I would (and did) add the second
NIC and use ISA. There are a couple of benefits to this, the largest of
which is the second layer of defense. If an intrusion passes the SonicWall
somehow, it'll be up against ISA rather than having full access to your LAN.
You've already paid for (and presumably installed) ISA, so you might as well
get the use out of it.

Some other considerations: ISA caching, and sticking as close to the
default SBS install for ease of support and troubleshooting.


"Mark Gruber" <mark@nospam.com> wrote in message
news:eX58RU0QEHA.3708@TK2MSFTNGP10.phx.gbl...
> Hello, I've been running my SBS2000 10-user lan for a while now. We
> have no internet access and only 1 nic. It's time to allow access to
> the internet so I purchased a SonicWall TZ 170 Firewall with 25 ports.
> Can I plug my ADSL modem into the WAN socket of this firewall and plug
> my users into the other ports and let it do all the work or do I need
> to add a second nic and use the SBS firewall as well?
>
> Thanks for your help / advice.
> Mark Gruber

SuperGumby
Thu May 27 17:48:18 CDT 2004

I think you've wasted about US$500 bucks. Normally I'd put a sub US$100
router in front of a 2 NIC ISA.

But you have a device, what's the best way to use it? As the 170 is VPN
capable and is probably going to interfere with VPN terminated at SBS in a
two NIC setup you'd probably be best off running a single NIC and learning
to manage the 170.

A quick look at the manual suggests the interface is quite nice, pity
there's no integration to AD but RADIUS may be an option.

--
I'd rather be happy than right anyway.
Slartibartfast.
"Mark Gruber" <mark@nospam.com> wrote in message
news:eX58RU0QEHA.3708@TK2MSFTNGP10.phx.gbl...
> Hello, I've been running my SBS2000 10-user lan for a while now. We
> have no internet access and only 1 nic. It's time to allow access to
> the internet so I purchased a SonicWall TZ 170 Firewall with 25 ports.
> Can I plug my ADSL modem into the WAN socket of this firewall and plug
> my users into the other ports and let it do all the work or do I need
> to add a second nic and use the SBS firewall as well?
>
> Thanks for your help / advice.
> Mark Gruber

Dave
Tue Jun 01 13:10:26 CDT 2004

If you want to terminate the VPN at the SBS, let me know and I'll tell you
how to do it. (A lengthy call to SonicWall support got me close enough to
figure it out for myself. My first impression of their support didn't leave
me very well impressed, to say the least).


"SuperGumby [SBS MVP]" <not@your.nellie> wrote in message
news:u$PE$zDREHA.2468@TK2MSFTNGP11.phx.gbl...
>I think you've wasted about US$500 bucks. Normally I'd put a sub US$100
> router in front of a 2 NIC ISA.
>
> But you have a device, what's the best way to use it? As the 170 is VPN
> capable and is probably going to interfere with VPN terminated at SBS in a
> two NIC setup you'd probably be best off running a single NIC and learning
> to manage the 170.
>
> A quick look at the manual suggests the interface is quite nice, pity
> there's no integration to AD but RADIUS may be an option.
>
> --
> I'd rather be happy than right anyway.
> Slartibartfast.
> "Mark Gruber" <mark@nospam.com> wrote in message
> news:eX58RU0QEHA.3708@TK2MSFTNGP10.phx.gbl...
>> Hello, I've been running my SBS2000 10-user lan for a while now. We
>> have no internet access and only 1 nic. It's time to allow access to
>> the internet so I purchased a SonicWall TZ 170 Firewall with 25 ports.
>> Can I plug my ADSL modem into the WAN socket of this firewall and plug
>> my users into the other ports and let it do all the work or do I need
>> to add a second nic and use the SBS firewall as well?
>>
>> Thanks for your help / advice.
>> Mark Gruber
>
>

Mark
Wed Jun 02 12:13:34 CDT 2004

Thanks for all your help, you guys. I got it working only after a call
to tech support. I thought the guy was quite helpful, fwiw.