DazV

We've got a small LAN of 20 users who access the internet via ADSL dial-up.

Firstly, am I right in thinking this is Microsoft's offering to LAN users wishing to access the Internet (in this case through a single ADSL dial-up line) ?

Secondly, anyone reckon it would be overkill for such a small LAN?

David_Wallis

I use it at home for about 10 computers... overkill nah...

David

David_Wallis

due to the cost of having a dedicated box running it.. and licencing costs.. and buying it etc.. I would just buy a small dsl router... Im sure you can get ones that arent limited to a number of computers...

David

DazV

David, what server specs will it work happily with ? We're running a PII 450, 512MB with twin hard disks, at the mo.

[Edited by DazV - 6/26/2002 6:36:54 PM]

ChrisB

What's your application Daz? Firewall / security, logging /user control etc?

I'd take a hardware appliance like a SonicWall over ISA personally. IMO, Running ISA as your primary defence means you need to be spot on hardening NT / 2000 and keeping up to date on patches for everything.

DazV

Chris - application is more or less what you mention. Will have to check out SonicWall.

ChrisB

Worth it - all managed through a web interface.

One of the SonicWal Pro (can't remember if it's the 200 or 300) was Group Winner for PC Pro's firewall test this month. Best Cisco, Lucent, Symantec etc.

Loads of bolt-ons like anti virus, VPN support etc.

http://www.sonicwall.com

Trotty

We use ISA Server for our small LAN (~30 users). Fairly happy with it. As mentioned, you do need to stay on top of patching, etc.

As far as machine spec goes what you've listed will be fine - I'm assuming that's all this machine will be doing?

If you go for it how are you lanning to deploy it? Firewall only? Or job lot? (Web proxy/caching/etc)

Saying all that, sonicwall is very good

DazV

Trotty, what we have at the moment is a server running:

-MDaemon (email server across LAN)
-Wingate (internet access across LAN, firewall, etc...)

The Wingate product has been playing up and needs looking at once a week. What I wanted to try was putting in Microsoft ISA instead to see if it was anymore stable.

I'm not sure where SonicWall would fit into this scheme.

-DV

DazV

Would SonicWall simply sit between my LAN and the ADSL modem ? This would remove the need for the server running Wingate and would make me extremely happy!

Would this little box allow my LAN users to surf the net securely without the need of any server software like Wingate ?

I'm getting excited now!

How do you configure the LAN workstations (Win2K) to use the SonicWall ?

-DV

ChrisB

Yup, it would, although you would need No NAT ADSL.

Your LAN goes on the Private LAN segment of the Sonic and is 'hidden' from the Internet. Your ADSL router goes on the Public side.

You give the Sonic an IP addres in the same range as your PC's and it becomes the default gateway. Job done

[Edited by ChrisB - 6/27/2002 12:56:41 AM]

Trotty

DazV - ISA seems stable, haven't had any problems with it to date (in approx. 15 months) running SP1.

As far as client setup goes it's nice and straightforward. Just point IE at the web proxy. Default Gateway will be the server IP. It also ships with a "Firewall Client" which can be installed on each PC. Without it clients will be using SecureNAT, if you install it though you can define any rules much more specifically - i.e, setup user/pc groups, site and content rules, allow/deny access against IP/user acct, blah blah blah SecureNAT clients usually ignore most of these rules and so they need configuring slightly differently.

ChrisB has explained pretty much all you need to know for SonicWall - we're evaluating it within the next two weeks so I'll see how it goes...

Ian

DazV

Trotty - Thanks for the info


Chris,
Ok, this SonicWall thing sounds great. I assume its a box with a connector for a LAN and a connector for a WAN. Questions are:

1. Will the WAN connector accept the USB ADSL modem BT Opworld use?

2. We don't have a static IP address from BT OpenWorld - is this ok? LAN just uses DHCP 192.168.0.1 - 192.168.0.100

[Edited by DazV - 6/27/2002 9:51:28 AM]

Jeff Wiltshire

The Sonicwall will connect to the ADSL router via a LAN cable (but not a USB modem, you'll need a ADSL Router as well) and the lack of a fixed IP address is no problem. The model you'll need is the Soho3 25 user. If you want a price on it you can mail me off-line if you wish.


Cheers


Jeff

[Edited by Jeff Wiltshire - 6/27/2002 10:05:57 AM]

DazV

So I need to purchase an ADSL router to go with the modem ?

Jeff Wiltshire

You'll need a ADSL router to replace the Modem. ADSL routers typically have a higher throughput than USB ADSL modems so you'll gain there as well.


Jeff

Jeff Wiltshire

Just going back to what Chris B was talking about regarding SonicWALLs there are two modes available, 1 is the classic 'router' type mode where the default gateway is the internal interface of the SonicWALL (which requires changes to an existing network) or there is a transparent mode where the physically cabling will change (ie the SonicWALL is in between the router and the internal network) but the IP addressing of your network doesn't change and the default network stays the same.

We've done a large number of SonicWALLs now (100+) and we've had 1 DOA and 1 die in service (user plugged in the wrong power supply and blew up the box !) so they are very reliable boxes. I've had customers with boxes up for over 6 months without a reboot.


Cheers

Jeff

Darren (M3)

Me again (with different username while I'm on site)

Chris, Jeff, Trotty - thanks for all your help.

Jeff - making changes to our LAN is no problem, so I guess we'd run as a classic router. I take it there's no client software needed to be installed on the Workstations - just set their gateway to 192.168.x.x

Jeff important point - regarding removing the ADSL modem and replacing with an ADSL router - do I need to use BT OpenWorld for this and their own approved equipment or am I free to use what I want?

-Darren

Jeff Wiltshire

Darren

There is no software to load on the hosts/clients, simply change their default gateway to the the internal interface of the SonicWALL. Given that BT Openworld are now doing wires only installs I don't imagine that there will be a problem using your own choice of ADSL router.

Jeff