Doing a favor for a friend with a small business - they desperately want to move away from a managed service provider who are absolutely killing them in monthly rental fees for all of their equipment (they've paid £50k for an SBS server over the course of 6 years, and its an ML350 G6!) and part of that provision is their internet line and firewall.
Internet line is in and tested, plumbed to a TOR switch. I am network savvy but by no means a guru, I used to manage firewalls and do the occasional setup in the past, but not for a long time.
I need to replace their existing Sonicwall firewall with a Watchguard M200 - they've already purchased the hardware so i've no choice here.
My thoughts on doing the job are to first get basic outbound connectivity on the WG by configuring the external interface, then setup the trusted internal interface, get a list of configured VPNs, firewall rules and routes from the Sonicwall.
Once i've done the above, copy the configurations I obtained from the Sonicwall across to the WG manually, add the rules to the Watchguard and then test everything. I'm figuring this will take about half a day, leaving me with the rest of the day to diddle about closing any un-necessary ports (there will almost certainly be some..).
I may massively be over simplifying things, because like I said I am network savvy and not a guru and this is very much a favor for a friend; I wouldn't do this if it was a professional services / contracting arrangement. Their setup should be fairly simple, there's only 60-70 users and three sites. Am I missing something?
Internet line is in and tested, plumbed to a TOR switch. I am network savvy but by no means a guru, I used to manage firewalls and do the occasional setup in the past, but not for a long time.
I need to replace their existing Sonicwall firewall with a Watchguard M200 - they've already purchased the hardware so i've no choice here.
My thoughts on doing the job are to first get basic outbound connectivity on the WG by configuring the external interface, then setup the trusted internal interface, get a list of configured VPNs, firewall rules and routes from the Sonicwall.
Once i've done the above, copy the configurations I obtained from the Sonicwall across to the WG manually, add the rules to the Watchguard and then test everything. I'm figuring this will take about half a day, leaving me with the rest of the day to diddle about closing any un-necessary ports (there will almost certainly be some..).
I may massively be over simplifying things, because like I said I am network savvy and not a guru and this is very much a favor for a friend; I wouldn't do this if it was a professional services / contracting arrangement. Their setup should be fairly simple, there's only 60-70 users and three sites. Am I missing something?
Comment