On 5 Jun 2002, Dave Sherman wrote:

> Any idea why they are such a bad choice? I've never worked with one, and
> (perhaps unfortunately) my company just sold one (SonicWALL 200) to a
> customer, which I will be configuring when it arrives.

I don't know what people have against them.  Until I can get around my
problem, chalk me up for being anti Sonicwall.  My router of choice is the
Speedstream that they sell at Microcenter.  It has just about every
feature you need, the web port is NOT accesible from the outside, it has a
full firewalling feature set, etc.  I haven't seen any features on a
Linksys/Netgear/Sonicwall that this thing has.  Not to mention they're the
cheapest one available, I think Microcenter has them for <$50 now.


> Is the Apache server in the DMZ, with the SonicWALL protecting both the
> LAN and DMZ and doing NAT for both (probably different subnets, but
> still in non-routable networks like 192.168.1.x and 192.168.2.x)?

Nope, the Apache box and the LAN are on 192.168.1.0/24

> Were you told that the SonicWALL is unable to route your NAT'd packets
> back through to the DMZ and/or the local network?

Yes.

> Could you (or someone else) setup a DNS server inside the firewall, that
> would resolve your domains to local (and DMZ) IP addresses?

This is what I'm thinking.....

-Brian