Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Is deploying the SonicWall TZ270 very easy to do (with a current 192.168.1.0/24 network)?

We are a very small business (5 employees + 20 endpoints and a server). We are moving building locations and are planning on restructuring our network (physically and logically).

We are thinking about purchasing the SonicWall TZ270 for increased security (plus it appears it supports up to 1 gbps). How easy is this setup for a current 192.168.1.0/24 network? I am NOT an advanced network administrator, but I believe I know enough if someone might be able to offer some insight.

I looked at several YouTube videos and SonicWall documentation and it looks like the default private IP is 192.168.168.168 but once set up, I can change the default LAN interface (I believe it's X0) to 192.168.1.0/24.

Basically, I'm trying to avoid having to reset the IP settings on all the workstations, printers, and single server. Also, all our IPs are statically assigned and their DNS settings point to the server (which controls the DNS + domain). Is there anything else I have not really considered or should know before purchasing?

Thank you for helping a newbie!

Category: Entry Level Firewalls
Reply
Tagged:

Answers

  • ArminFArminF Newbie ✭

    HI CDS,

    i am new to Sonicwall tz270 as well. So lets talk Newbie to Newbie....

    1 GB Speed is possible according to Youtube (tz270 throughput). I do run 500/50 Mbit and end up with around 480/49 Mbit having most of the Security Features enabled.

    I do use 192.168.1.0/24 as well. All in one Zone configured. You can change it even with your Phone having the Sonicwall app installed.

    Pretty straight forward i have to say. You need to have/open a MySonicwall account.


    About purchase. I got the Tz270 with a 3 years Security Bundle. And they offer a migration package which is a bit cheaper.

    I guess you have a firewall or something similar in place already. Check the security bundles you want. Depends on your needs i would propose at least threat protection.

    https://www.sonicwall.com/products/firewalls/security-services/ I run the second but do not use all of the features yet.


    Maybe put a drawing of your network in here so people see what you like to archive and can help. Pictures just tell more :)

    Happy hunting!

    cheers armin

  • cds2022cds2022 Newbie ✭

    Armin,

    Thank you so much for the quick reply and the valuable insight. I've attached a picture of our very simple network layout.

    Any additional thoughts or insight? Thank you!


  • ArminFArminF Newbie ✭

    You are welcome. Some guys here really helped me very much and now it is time to give some back....


    You could plan it like this. The Tz270 has 8 Network Pots were one is used for WAN. So 7 for your design.

    You can setup the Sonicwall using each ports in a single zone which keeps you flexible for your access rules.

    WAN Port

    WIFI Port for Guest Wifi - extra Zone - only access to internet

    Client Port (Core Switch) - extra Zone as the client just need a handfull of services from the DC/DNS

    Server Port - extra Zone - Offering DNS to clients, AD Services etc. And has access to the internet for DNS forwarding.

    If the server us nearby the Sonicwall which i assume here. Otherwise you can leave it on the Core Switch.


    With such a scenario you can drill down the firewall rules (access policies) to the things you need without exposing other machines.

    Hope this makes sense.


    But wait maybe a Pro can tell us more here.

    cheers armin


    PS: His Videos helped me very much https://www.youtube.com/c/JeanPierTalbot/videos

  • ArminFArminF Newbie ✭

    Ah.. one more thing..

    Check if your ISP Modem is able to run as a "bridge". So it forwards the internet IP to the Sonicwall.

    Otherwise you might face issues as these modems offer an 192.168.x.x network as well and you end up with a double NAT space.

    I had to talk to our provider to get this done. They could to it remotely even. Since then my WAN interface shows my internet IP.

Sign In or Register to comment.