Posted January 14, 2020 Hey guys, I had a quick question about adding a physical firewall to my home network. At work we put a firewall in a small business and with like sonic wall you have 5 licenses to give out for VPN into that network. I want to buy a used either sonic wall or watch guard t-10 or t-15. Would I need to buy some sort of license to get this to work? I'm not 100% how to go about this and the support people i contacted have not responded and it's been a few days. Any help would be greatly appreciated. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 14, 2020 They need a word other than physical firewall. That implies a fire barrier wall Not a pro, not even very good. I’m just old and have time currently. Assuming I know a lot about computers can be a mistake. Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 14, 2020 7 minutes ago, Bombastinator said: They need a word other than physical firewall. That implies a fire barrier wall Physical appliance as opposed to a virtual appliance Current Network Layout: Current Build Log/PC: Prior Build Log/PC: Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 14, 2020 The fact sonicwall sales licenses on an annual-renew basis...makes me think yes. Wish I knew more...sorry. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 14, 2020 Author 1 minute ago, Stu_Bear said: The fact sonicwall sales licenses on an annual-renew basis...makes me think yes. Wish I knew more...sorry. I literally set these up all the time for clients, you'd think i know lol but i found good deals on ebay., but i knew it wouldn't be as simple as pluggint it in and going Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 14, 2020 From what I can tell yes you need a subscription for the appliance which seems to run, for the lower end models, around $400/year https://community.spiceworks.com/topic/2154726-sonicwall-subscription-pricing-am-i-missing-something Edit: I did miss something, you get basic functionality without a subscription but you don't get updates, etc. https://community.spiceworks.com/topic/1409557-sonicwall-tz210-unregistered-can-i-still-use-it-for-basic-functionality Current Network Layout: Current Build Log/PC: Prior Build Log/PC: Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 14, 2020 We are trialing Meraki gear right now, the firewall is great, but their client VPN really sucks... so I did some looking into it and sometime soon will either buy a Cisco Wireless controller (no firewall), or one of the ASA's (has a firewall) to use AnyConnect as it is an easy way so employees can just download something, type in user/pass, and get on the network. From what I can find, still not 100% sure on this though, most of them have perpetual licenses with different features enabled. If you check eBay sometimes they are ~$50 for 250 VPN users on perpetual, and some ASA's have the Security Plus license as perpetual. I haven't found a good one with AnyConnect for Mobile already licensed though, so waiting to find a good deal on one of those to play with. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 15, 2020 easy, build a wall made of wood and set it on fire. surround the buildings with it. That is about as physical as it gets Sudo make me a sandwich Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 15, 2020 Do you need a commerical firewall? Open-source like PFSense does not fit your need? Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 15, 2020 12 hours ago, beavo451 said: Do you need a commerical firewall? Open-source like PFSense does not fit your need? I second this. There are much better solutions like the one above. I mean if you just want a firewall with added VPN capabilities there are plenty of consumer grade offerings for that and you also have 3rd party firmware if you need more advanced features. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 15, 2020 I didn't even know a physical firewall was a thing before I saw this thread. I read the title and thought of a burning wall. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 15, 2020 3 minutes ago, J4C0B 4W3S0M3 said: I didn't even know a physical firewall was a thing before I saw this thread. I read the title and thought of a burning wall. They're Enterprise devices - while a few have been made over the years, there are little to no firewall appliances in the consumer market. Almost every enterprise has a dedicated firewall (either physical appliance, or firewall virtual appliance running as a VM). For Sale: Meraki Bundle iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600) Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 15, 2020 (edited) 7 minutes ago, dalekphalm said: They're Enterprise devices - while a few have been made over the years, there are little to no firewall appliances in the consumer market. Almost every enterprise has a dedicated firewall (either physical appliance, or firewall virtual appliance running as a VM). @J4C0B 4W3S0M3 Appliance in this case means a specific dedicated computer that is the connection to the internet. All network traffic has to go through it. Edited January 15, 2020 by Bombastinator Derp Not a pro, not even very good. I’m just old and have time currently. Assuming I know a lot about computers can be a mistake. Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 15, 2020 1 hour ago, J4C0B 4W3S0M3 said: I didn't even know a physical firewall was a thing before I saw this thread. I read the title and thought of a burning wall. Most people refer to them as soft/hard. Are you using software to handle the firewall or hardware. In this specific case he is looking for a physical hardware firewall that is it's own stand alone unit. In the consumer space you have a router/firewall combination or a gateway device which serves as a modem, router, and firewall. That isn't even considering wifi or usb ports to mount network drives. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 16, 2020 Its my understand that pfSense can do everything a hardware box can, its just you have to configure the software yourself vs a plug and play solution you are paying dearly for. Router: Intel N100 (pfSense) WiFi6: Zyxel NWA210AX (1.7Gbit peak at 160Mhz) WiFi5: Ubiquiti NanoHD OpenWRT (~500Mbit at 80Mhz) Switches: Netgear MS510TXUP, MS510TXPP, GS110EMX ISPs: Zen Full Fibre 900 (~930Mbit down, 115Mbit up) + Three 5G (~800Mbit down, 115Mbit up) Upgrading Laptop/Desktop CNVIo WiFi 5 cards to PCIe WiFi6e/7 Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 16, 2020 Author 24 minutes ago, Alex Atkin UK said: Its my understand that pfSense can do everything a hardware box can, its just you have to configure the software yourself vs a plug and play solution you are paying dearly for. i think its just lack of knowledge on why i didn't wanna go this route. in essence i just wanna be able to give my buddy access to our game server from his house with out teamviewer. I might need to look up some guides for PFsense Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 16, 2020 58 minutes ago, Alex Atkin UK said: Its my understand that pfSense can do everything a hardware box can, its just you have to configure the software yourself vs a plug and play solution you are paying dearly for. While pfSense will definitely require more configuration, we should be clear that even an enterprise firewall isn’t really plug and play. Sure you COULD do that with minimal configuration (just setting up your basic routing), but you wouldn’t be getting the majority of the benefits without diving into the config s and building ACL’s (access control lists) and other rules. For Sale: Meraki Bundle iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600) Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 16, 2020 Author 12 minutes ago, dalekphalm said: While pfSense will definitely require more configuration, we should be clear that even an enterprise firewall isn’t really plug and play. Sure you COULD do that with minimal configuration (just setting up your basic routing), but you wouldn’t be getting the majority of the benefits without diving into the config s and building ACL’s (access control lists) and other rules. Yea i just know how to set those up lol since i work for an MSP and setup watchguards all the time, just wasn't sure if i bought one used on ebay how that worked with havin the mobile SSL VPN feature they have ( which i love) but i'm definitely open to trying pfsense, since i do see it is free and free is good. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 16, 2020 1 hour ago, bobbybdennis said: Yea i just know how to set those up lol since i work for an MSP and setup watchguards all the time, just wasn't sure if i bought one used on ebay how that worked with havin the mobile SSL VPN feature they have ( which i love) but i'm definitely open to trying pfsense, since i do see it is free and free is good. You'd have to contact Watchguard to find out for sure - it would really depend on if the VPN licenses were device based or account based. If they are tied to the device, then a used one should bring it's old license with it. Worst case, you might have to buy a new license from Watchguard - you'd want to talk to them for pricing. For Sale: Meraki Bundle iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600) Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted January 21, 2020 Author On 1/16/2020 at 12:50 PM, dalekphalm said: You'd have to contact Watchguard to find out for sure - it would really depend on if the VPN licenses were device based or account based. If they are tied to the device, then a used one should bring it's old license with it. Worst case, you might have to buy a new license from Watchguard - you'd want to talk to them for pricing. Ended up just buying a tiny monitor from the thrift store, allowed unattended access for my buddy with team viewer lol. overall cost: $14 Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now