Swapping out a Firewall - Sonicwall to Watchguard
+ Reply to Thread
Posts 1 to 4 of 4
  1. #1

    More time posting than coding


    Join Date
    Aug 2017
    Posts
    274
    Thanks (Given)
    12
    Thanks (Received)
    21
    Likes (Given)
    60
    Likes (Received)
    63

    Default Swapping out a Firewall - Sonicwall to Watchguard

    Doing a favor for a friend with a small business - they desperately want to move away from a managed service provider who are absolutely killing them in monthly rental fees for all of their equipment (they've paid 50k for an SBS server over the course of 6 years, and its an ML350 G6!) and part of that provision is their internet line and firewall.

    Internet line is in and tested, plumbed to a TOR switch. I am network savvy but by no means a guru, I used to manage firewalls and do the occasional setup in the past, but not for a long time.

    I need to replace their existing Sonicwall firewall with a Watchguard M200 - they've already purchased the hardware so i've no choice here.

    My thoughts on doing the job are to first get basic outbound connectivity on the WG by configuring the external interface, then setup the trusted internal interface, get a list of configured VPNs, firewall rules and routes from the Sonicwall.

    Once i've done the above, copy the configurations I obtained from the Sonicwall across to the WG manually, add the rules to the Watchguard and then test everything. I'm figuring this will take about half a day, leaving me with the rest of the day to diddle about closing any un-necessary ports (there will almost certainly be some..).

    I may massively be over simplifying things, because like I said I am network savvy and not a guru and this is very much a favor for a friend; I wouldn't do this if it was a professional services / contracting arrangement. Their setup should be fairly simple, there's only 60-70 users and three sites. Am I missing something?

  2. #2
    sal
    sal is offline

    Contractor Among Contractors


    Join Date
    Jun 2014
    Posts
    1,375
    Thanks (Given)
    2
    Thanks (Received)
    57
    Likes (Given)
    307
    Likes (Received)
    271

    Default

    Giving that the Sonicwall appears to be owned (and i guess managed) by the MSP, do you have access to it in the first place? MSPs don't usually give access to such systems to customers.

  3. #3

    More time posting than coding


    Join Date
    Aug 2017
    Posts
    274
    Thanks (Given)
    12
    Thanks (Received)
    21
    Likes (Given)
    60
    Likes (Received)
    63

    Default

    Quote Originally Posted by sal View Post
    Giving that the Sonicwall appears to be owned (and i guess managed) by the MSP, do you have access to it in the first place? MSPs don't usually give access to such systems to customers.
    Yep - read only access has been provided, I told them it was either that or a spreadsheet breaking down exactly what rules / routes / interfaces had been setup with details as to why and justifications. Guess they didn't want to actually work for their monthly fee!

  4. #4

    More time posting than coding


    Join Date
    Aug 2017
    Posts
    274
    Thanks (Given)
    12
    Thanks (Received)
    21
    Likes (Given)
    60
    Likes (Received)
    63

    Default

    As a followup to anyone else finding themselves in a similar situation... I ended up following my albeit brief implementation plan and everything worked!

+ Reply to Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Content Relevant URLs by vBSEO 3.6.0 ©2011, Crawlability, Inc.