[VPN] Sonicwall Pro 300... or ???

Ryan Malayter rmalayter at bai.org
Fri Jan 17 16:35:01 EST 2003


Hmm... I've had decent experience with Sonicwall Pro-VX and Pro-300
devices. I had no trouble setting up an IPsec tunnel to a
Nokia/Firewall-1 appliance, but I had to make a pinging service to keep
the tunnel alive for longer than a few hours. Now it stays up
indefinitely. The software client worked for me on the first try. We've
had no reliability problems except a corrupted ruleset during a firmware
upgrade that had to be restored from backup. 

Considering the 300 appliance is about 1/4 the price of a Netscreen 200
series, I've been quite pleased with the functionality, management
interface, and quality of support. But if you've got the budget,
Netscreen is probably the Cadillac to the Sonicwall Pontiac.

Regards,
	-ryan-

> -----Original Message-----
> From: Dave Sroelov [mailto:dave at ascomputer.com] 
> Sent: Monday, January 13, 2003 6:19 PM
> To: Seth Robinson
> Cc: vpn at lists.shmoo.com
> Subject: Re: [VPN] Sonicwall Pro 300... or ???
> 
> 
> well, as long as we are not berating sonicwall, i figure i'll 
> add my two
> cents as well.  i have had a terrible time with sonicwall 
> products over the
> years.  when using the box simply as a firewall appliance, it 
> has been ok,
> but as soon as i introduced vpn into the mix there were 
> serious problems.  i
> have not found the units to be reliable or easily interoperable with
> anything.  tunnels come up (sometimes), tunnels go down (alot), and it
> usually took a hard reboot on both sides to get it running again.
> 
> in the grand scheme, for software based firewalls i used 
> symantec/axent, and
> for appliances i use netscreen.  since we are trying not to berate any
> vendor, i will not include the full list of appliances that i 
> dislike, or
> why.  if anyone would like to continue the discussion, we 
> could do it via
> direct email.
> 
>     dave
> 
> 
> 
> Seth Robinson wrote:
> 
> > I don't want to berate SonicWALL or anything, but I haven't 
> had the best
> > experience.  Especially with the client.  When I installed the 8.0
> > client, my computer (Win XP) wouldn't even turn on, and it 
> took me about
> > a day and a half to get it functioning again.  When I asked 
> SonicWALL
> > for help, they basically told me that they didn't know what 
> programs I
> > had on my computer, and they don't support software.  We have had
> > SonicWALL firewalls for about 1 1/2 years, and have still 
> not been able
> > to get a functioning client to box setup.  Box to Box is 
> another story,
> > It has worked very well, and took very little setup.
> >
> > It could be me, but be forewarned.
> >
> > If I did it again, I would go with a cisco pix.
> >
> >
> >
> >
> > Seth M. Robinson
> > Technology Support Specialist
> > University Credit Union
> > Rangeley Rd.
> > Orono, ME  04469-5779
> > 1-207-581-3577
> > 1-800-696-8628 (in Maine)
> > 1-800-992-8628 (USA)
> > www.ucu.maine.edu
> >
> > This e-mail message together with any attachments is 
> confidential and
> > intended only for the use of the individual or entity to 
> which it was
> > addressed.  If responding to the message do not include personal
> > information such as account number or social security 
> number as there is
> > a risk that an e-mail message could be intercepted. If you 
> are not the
> > intended recipient, you must not review, retransmit, convert to hard
> > copy, copy, use or disseminate this e-mail or any 
> attachments to it.  If
> > you have received this e-mail in error, please immediately 
> notify us by
> > return e-mail or by telephone at (207) 581-1458 and delete 
> this message.
> > This notice is automatically appended to each e-mail message leaving
> > University Credit Union.
> >
> > Thank you.
> >
> >
> > -----Original Message-----
> > From: vpn-admin at lists.shmoo.com 
> [mailto:vpn-admin at lists.shmoo.com] On
> > Behalf Of Duane Davis
> > Sent: Sunday, January 12, 2003 6:00 PM
> > To: vpn at lists.shmoo.com
> > Subject: [VPN] Sonicwall Pro 300... or ???
> >
> > I'm looking for advice on a hardware VPN appliance.
> >
> > I need a solution to address security and authentication 
> for a wireless
> > (802.11b) network.
> >
> > I've been fighting with an Avaya VPN setup for over a month and have
> > pretty much given up on it. I need something that actually 
> works from a
> > company that's willing to support thier product.
> >
> > The two topologies I've been considering are as follows. 
> the VPN gateway
> > would run either in series or parallel with my firewall. 
> The firewall
> > also protects two other network segments.
> >
> >         wireless client - WAP - VPN Gateway - Firewall - T1 router -
> > internet
> >
> >         wireless client - WAP - VPN Gateway - T1 router - internet
> >                               - Firewall    -
> >
> > I need the wireless client to be able to open a VPN to the 
> VPN gateway
> > before they can access the internet. It would also be nice 
> to be able to
> > offer static IP assignments to some clients, dynamic to others.
> > Bandwidth limiting would also be nice but is not required. 
> I don't need
> > site-to-site VPN, only Client-to-site. Support for more than just
> > Windows clients (ie. Mac, Unix) would be great.
> >
> > Today I was looking at the Sonicwall Pro 300.
> >
> > Does anyone out there have experience with the Sonicwall in 
> this type of
> > configuration? Or is there another product better suited 
> for my need?
> >
> > Please, don't suggest Linux or any other "software based" 
> solution. I
> > want a hardware based solution for reliability and performance.
> >
> > Thanks,
> >
> > Duane Davis
> > Nocturnal Networks
> >
> > _______________________________________________
> > VPN mailing list
> > VPN at lists.shmoo.com
> > http://lists.shmoo.com/mailman/listinfo/vpn
> >
> > _______________________________________________
> > VPN mailing list
> > VPN at lists.shmoo.com
> > http://lists.shmoo.com/mailman/listinfo/vpn
> 



More information about the VPN mailing list