Networks

Question

Gravatar
Locked

disable ISA 2004 use Sonicwall

By yohance8 ·
Greetings,

I am purchasing a Sonicwall firewall and plan to install it between my SBS 2003 box and the internet. Currently, the SBS box is multihomed and uses ISA 2004. How do I go about configuring the firewall and uninstalling ISA 2004? (I want to free up some resources on the SBS box and don't think both a firewall and ISA are necessary) Here's what i have in mind, please tell me if I'm close or way off:

1.Configure sonicwall with public IP and DNS IPs from my ISP and test internet connectivity
2. Configure sonicwall for allow/deny rules that currently exist on ISA 2004
2.Re-run CEICW wizard and confiure for single NIC and make default gateway the private IP of the sonicwall LAN interface
3.Disable public NIC on SBS box
4.Disable ISA 2004

What's peculiar is that on the WAN NIC of the SBS box the preferred DNS is the LAN IP of the SBS box (192.x.x.x) - and it works. Shouldn't the DNS entries be those of my ISP?

Thanks in advance!!

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
Thread display: Collapse - | Expand +

All Answers

gravatar
Collapse -

You don't run a DNS server?

by seanferd In reply to disable ISA 2004 use Soni ...

<i>What's peculiar is that on the WAN NIC of the SBS box the preferred DNS is the LAN IP of the SBS box (192.x.x.x) - and it works. Shouldn't the DNS entries be those of my ISP?</i>

Normally, the public DNS addresses would be in the forwarders of your DNS server. Since the SBS is pointing to itself for DNS, I would imagine it is running a DNS server role as well. In which case you just leave that as-is, unless you plan on removing your DNS server, which I would very much advise against.

If you don't have a DNS server, I would think the DNS should be pointing to your internet gateway, which would have your ISP's DNS configured.

Otherwise, sure, you can replace the FW in the SBS with a better one. Others might have hints on making this work smoothly. Is this an AD environment?

gravatar
Collapse -

Reponse To Answer

by yohance8 In reply to You don't run a DNS serve ...

Thanks for responding. Yes, it's an AD environment and yes, the SBS also serves as DNS server - you're spot on in your explanation. Unfortunately, I'm now experiencing a connectivity issue - the SBS will not browse the internet. I can ping my gateway and use nslookup to resolve names to IP but I cannot browse. I notice on the NIC that the activity led (orange) barely flashes and the amount of packets sent/received is very low. I've tried bypassing ISA 2004 but no dice. I've also tried restoring the system state to a previous version but that does not help either. Regrettably, I ran some updates yesterday so I think that may have something to do with it. Also, in Event Viewer the following events occured: 14060, 14001 & 14177. I researched them but have not found anything useful.

Anu ideas? Anyone?

Back to Networks Forum
2 total posts (Page 1 of 1)  

Start or search

Related Discussions

Related Forums