Re: hardware firewall with SBS
- From: "Gregg Hill" <bogus@xxxxxxxxxxx>
- Date: Mon, 3 Oct 2005 18:26:07 -0700
Rick,
If the TZ170 is capable of port forwarding and NAT, which a $20 router will
do, then it should work just fine. Your diagram is right on the money and is
precisely how mine is set up. If you use a DMZ on most routers, it is
equivalent to putting the server live on the Internet. I am not sure of the
SonicWall's DMZ settings, though.
You are correct. Collect your money!
Gregg Hill
"Rick" <Rick@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:3E3D7338-2421-48FE-AB67-84D4D95FAEAA@xxxxxxxxxxxxxxxx
> Hi All,
>
> I am re-arranging my network in hopes of a higher level of security. I've
> previously posted questions asking if SBS security is enough and it seemed
> a
> good percentage of admins out there recommend still having a hardware
> firewall. So I have bought a device that comes highly recommended for
> small
> businesses -- a SonicWall TZ 170.
>
> I'm a little disappointed in the SonicWall's documentation. It is very
> poor
> with respect to a "start here for firewalling basics" section -- there
> isn't
> one.
>
> A friend of mine with his own small business has a TZ 170 and he swears
> that
> your servers on the public Internet have to plug in the "Option" or DMZ
> zone
> port on the device. But he doesn't have SBS with it's dual-homed setup.
>
> I'm thinking the following makes the most sense for SBS:
>
> (Internet)
> |
> [DSL modem]
> |
> | WAN port
> [TZ 170]
> | LAN port (not Opt)
> |
> | SBS external interface
> [SBS 2K3]
> | SBS internal interface
> |
> [10/100/1000 switch]
> | | | | | | | | |
> (Internal worstations and servers)
>
> Am I right, or is my friend? You would think I could look up the answer
> to
> this kind of question in the SonicWall documentation, but it's not there.
> It
> does not describe at all what the "Opt" port is really for beyond the
> following:
>
> "Configuring the OPT Port in Transparent Mode
>
> If your ISP provided you with enough IP addresses for all the computers
> and
> network devices on your OPT, enable Transparent Mode. To configure
> Transparent mode, complete the following instructions:
> 1) ...
> 2) ...
> ... etc ....
>
> Configuring the OPT Port in NAT Mode
>
> If your ISP has not given you enough IP addresses for all of the computers
> and network devices on your OPT, you can configure the SonicWall to use
> NAT
> Enabled mode. ....etc..."
>
>
> Incredibly bad documentation in that nowhere does it describe what the OPT
> port is actually for.
>
> I know this fairly hardware-related question, but the reason for the
> question is because the OS is SBS 2K3.
>
> Any help or insights will be very appreciated.
> Thanks,
>
> -Rick
.
- Prev by Date: Re: SBS2k3 slow network access and mmc not responding
- Next by Date: Re: Migrating NT4 Exchange 5.5 to SBS 2003
- Previous by thread: Re: SBS2k3 slow network access and mmc not responding
- Next by thread: Re: exchange outlook global address list properties editing
- Index(es):
Relevant Pages
|
