Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Looking for an approach to revamping network and SonicWall settings

LarryLarry All-Knowing Sage ✭✭✭✭

A client is completely renovating his office and I am planning a complete network refresh.

Unfortunately, I don't have a "test" version of his TZ670 (7.0.1) to use to pre-build the changes.

Existing LAN on X1 is 192.168.1.xyz and flat, the back-office LAN is on X2, Wi-Fi is on X3 via HPE Aruba Instant On with no managed switches. DHCP is on Windows Server for LAN and firewall for X2 and X3.

Looking to have LAN on X1 in 192.168.100.abc, with VLAN for back-office, VLAN for camera system, and another VLAN for VOIP, all with HPE Aruba Instant On managed switches.

Can anyone recommend a reasonable way in which to stand up this new network on the firewall so I can activate it during implementation weekend?

First time I'm encountering this situation and I'm stumped.

Category: Entry Level Firewalls
Reply

Best Answers

  • CORRECT ANSWER
    TKWITSTKWITS Community Legend ✭✭✭✭✭
    Answer ✓

    The way I do most cutovers is set everything up (or as close to everything as possible) ahead of time and leave the bare minimum to the day of.

    Usually day of cutover involves changing a few IPs, adding a few routes, DHCP/IP Helper adjustments, changing a few cables around, etc.

    In your case, I'd build out the Zones, VLANs, Access Rules ahead of time using unused subnets and plan out the cabling changes. Day of would be cabling changes, deleting unneeded interfaces, and changing subnets on the VLANs.

  • CORRECT ANSWER
    ArkwrightArkwright Community Legend ✭✭✭✭✭
    Answer ✓

    Do you have any spare Sonicwalls at all? If so, pre-build the config and use the migration tool to migrate it to TZ670.

    The alternative is to use the CLI, but even then, if you're not already well familiar with the CLI config format then you would still need a spare firewall to test the config elements you've created.

  • CORRECT ANSWER
    LarryLarry All-Knowing Sage ✭✭✭✭
    Answer ✓

    The solution will be a combination of both your replies.

    I have just obtained a TZ470 for a client and will use that: migrate TZ670 settings to TZ470, update them, export them - migrate when turnover day occurs. Factory refresh TZ470 and set up settings according to site's requirements.

    Thanks!

Answers

Sign In or Register to comment.