I am purchasing a Sonicwall firewall and plan to install it between my SBS 2003 box and the internet. Currently, the SBS box is multihomed and uses ISA 2004. How do I go about configuring the firewall and uninstalling ISA 2004? (I want to free up some resources on the SBS box and don't think both a firewall and ISA are necessary.) Here's what I have in mind, please tell me if I'm close or way off:
1. Configure sonicwall with public IP and DNS IPs from my ISP and test internet connectivity
2. Configure sonicwall for allow/deny rules that currently exist on ISA 2004
2. Re-run CEICW wizard and configure for single NIC and make default gateway the private IP of the sonicwall LAN interface
3. Disable public NIC on SBS box
4. Disable ISA 2004
What's peculiar is that on the WAN NIC of the SBS box the preferred DNS is the LAN IP of the SBS box (192.x.x.x) - and it works. Shouldn't the DNS entries be those of my ISP?
Thanks in advance!!
<i>What's peculiar is that on the WAN NIC of the SBS box the preferred DNS is the LAN IP of the SBS box (192.x.x.x) - and it works. Shouldn't the DNS entries be those of my ISP?</i>
Normally, the public DNS addresses would be in the forwarders of your DNS server. Since the SBS is pointing to itself for DNS, I would imagine it is running a DNS server role as well. In which case you just leave that as-is, unless you plan on removing your DNS server, which I would very much advise against.
If you don't have a DNS server, I would think the DNS should be pointing to your internet gateway, which would have your ISP's DNS configured.
Otherwise, sure, you can replace the FW in the SBS with a better one. Others might have hints on making this work smoothly. Is this an AD environment?
Thanks for responding. Yes, it's an AD environment and yes, the SBS also serves as DNS server - you're spot on in your explanation. Unfortunately, I'm now experiencing a connectivity issue - the SBS will not browse the internet. I can ping my gateway and use nslookup to resolve names to IP but I cannot browse. I notice on the NIC that the activity LED (orange) barely flashes and the amount of packets sent/received is very low. I've tried bypassing ISA 2004 but no dice. I've also tried restoring the system state to a previous version but that does not help either. Regrettably, I ran some updates yesterday so I think that may have something to do with it. Also, in Event Viewer the following events occurred: 14060, 14001 & 14177. I researched them but have not found anything useful.
disable ISA 2004 use Sonicwall