Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Alternate OS (Firmware) for Sonicwall TZ270

Hi all!

Wondering if there are any recommended Firmware's for the TZ 270 device.

The SonicWall OS is terrible. I recently upgraded my firewall to the Sonic tz270, and am finding it a terrible product. Terrible OS.

It is so crippled that it is un-usable. I changed from my own designed firewall, and will be going back to it. Sonicwall is just not capible of doing the basic stuff I need a decent firewall to do.

In order not to lose money, I would like to put another system on the device. Sonicwall support just plain sucks.


Has anybody successfull placed a decent firewall system on these devices ?


Thanks!


Cheers!

Category: Entry Level Firewalls
Reply

Best Answers

  • CORRECT ANSWER
    BWCBWC Cybersecurity Overlord ✭✭✭
    Answer ✓

    @TheRealSnarfster I don't say it's impossible, but very unlikely that anyone tinkered with the box to install an alternate OS.

    If you don't like SonicOS that much and missing to many things, my advice would be to sell the box. SonicOS covers a lot of topics in a very good way which is fine for the most of us. It's not all unicorns and rainbows, I miss a lot of things too, but at the end of the day it gets the job done quite well.

    If you like to give it a chance, just let us know what bothers you and maybe there is a way to get it done.

    --Michael@BWC

  • CORRECT ANSWER
    TKWITSTKWITS Community Legend ✭✭✭✭✭
    Answer ✓

    Personally I think anything below a 570 is worthless since they are probably dual-core. There have been many complaints on the forums about performance on 270's and 370's. I would only put those in at offices with <10 users, if at all.

    Not surprised they are Octeon's, thats what Sonicwall has been using for years.

    I doubt it's running VXWorks on an emulator. I don't think they'd go that far and change the UI so drastically. They'd have an entire team just supporting the emulation, and it seems like they don't have a large, non-management workforce. But your guess is as good as any.

    I think I overlooked that you were dealing with a 270. I concur with others, re-sell the 270 and if you are going to stick with Sonicwall get yourself a 570+.

Answers

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    If you aren't on the latest firmware version you should upgrade ASAP. SonicOS 7 early versions were terrible, I agree, but it has become much more stable over the past year.

    That said, I have not tried to install a different OS on these devices. My guess is Sonicwall put protections in place to prevent that.

    Coming from your 'own designed firewall' is going to be challenging no matter what product you choose. You designed the thing, it makes sense you are comfortable with it...

  • Thank you for that. I was wondering the chipset, in case that is an option. I am finding a great difficulty getting answers out of the documentation and licencing scheme. I may have set my expectations too high with my last firewall expereinces. (not a bad thing), I will try work with it.


    Many thanks

  • ArkwrightArkwright Community Legend ✭✭✭✭✭

    For whatever reason, Gen7 boxes don't state what CPU they use, whereas Gen6 did.

    I think you can safely assume that the bootloader is locked and you won't be running any other OS on it. I echo what has been stated above, you will get further by simply selling the TZ270 and buying some unlocked hardware instead if you want your choice of firewall OS.

  • TKWITSTKWITS Community Legend ✭✭✭✭✭
    edited December 2022

    FWIW, here are some details on reloading a 'wiped' device from USB.

    It is just running a custom flavor of GNU/Linux...

  • ArkwrightArkwright Community Legend ✭✭✭✭✭

    FWIW, here are some details on reloading a 'wiped' device from USB.

    So, TZ570 is Marvell Octeon TX2 CN9130 SOC with a quad-core ARM64 CPU at 2GHz. There is support for some of this hardware in OpenWRT, but your obstacle is still going to be the bootloader, and initialising the switch chip.

    It probably has a 10G link to a switch chip. The rest of the family presumably follow a similar pattern with different clock speed, RAM and physical interface breakouts.

    It is just running a custom flavor of GNU/Linux...

    I do wonder, given how sluggish they are, if they're running the gen6 VxWorks OS in an emulator on Linux :-D

  • Awesome. Thanks for the info. The big thing I am running into is the MySonicwall and integration of licencing to unlock features I need. (Dynamic Block lists) I also really wanted to integrate wildfire as that is priceless. That saves so much traffic, bandwidth, attacks, ADs.

    I have already opened the box and imaged it out. Running in a VM now. I will go thru it and modify to what I need. Probably thin it way down too, as the Session limits are way too small. I will try image the "edited" os back onto the device. Perhaps a decent version of the TZ270 might appear.


    Thanks for the good information. Hard to get some times.


    thanks

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    No problem. Most of us have been around a while and generally ignore the 'rant' posts, even if we are guilty of it sometimes too. I only joined in because BWC did.

    I didn't like the licensing aspect of it when I started with them years ago but have grown accustomed to it. Most 'business-level' firewalls have some sort of subscription requirement. Subscriptions aren't going away, it makes too much business sense.

    Come with intelligent questions and you'll get intelligent answers.

Sign In or Register to comment.