Solved

Sonicwall nodes

Posted on 2009-03-31
2
1,013 Views
Last Modified: 2012-06-21
I am looking into a TZ180 for a client and am trying to understand this node thing.
Lets assume we get the 10 node version and we have 20 machines on the network....
(I know I should probably be getting the 25 node version)
but my question is will the other 10 machines not be able to access the internet at all? Or will they just not be protected by the "firewall"?
It says that it supports 1024 dhcp leases which is why I am confused.  What exactly are the 10 nodes for?  Just the firewall features?
Thanks.
0
Comment
Question by:splitrockit
2 Comments
 
LVL 32

Assisted Solution

by:dpk_wal
dpk_wal earned 62 total points
ID: 24046251
By 10 node license it means that any first users on a network of 20 users would be able to access the internet, any user from 11 and onwards would be denied internet access.
There would no compromise for any user on firewall part.
If you wish to have few machines not access the internet you can configure Node License Exclusion List [System > Licenses].

DHCP lease is for internal network management and has nothing to do with node license; consider an example where there are only 7 users on an office and 5 printers; normally printers would not access internet. In this case 10 user node license would serve the purpose, also DHCP would be able to lease IP address to all 12 devices (7 users and 5 printers) however, still a max of 10 users get to internet.

The way node licenses are used, whenever a machine from internal zones attempts to send traffic to WAN interface a license is consumed for that machine. Any subsequent traffic uses same license for that machine. After a 5 minute period of inactivity, hosts are considered inactive and the license is freed and can be utilized by other hosts on the network.

Please let know if you need more information.

Thank you.
0
 
LVL 16

Accepted Solution

by:
ccomley earned 63 total points
ID: 24048394
The "nodes" are "IP addresse on the LAN (or DMZ) side of the firewall which can access the WAN.

The first ten (twenty five, etc) that the Sonicwall sees are given access, after that, you will see a Licence Exceeded enty i the log and the eleventh (twenty sixth) computer to try to access the internet will get no response. Such computers can still see LAN resources, but can't access the outside world.

If you find that things like printers are taking up "slots" in the table, you can write DENY rules which prevent them from talking to the net, if they can't talk they don't get filled in in the table and counted.

However, if you have more than 10 actual bums on seats (and you should allow for your server(s) and for any guest users) then you need better than a 10user box.

Note - with Enhanced OS on the Sonicwall you can clear down the table and start over, so if a visitor has "used" up a valuable node count you can clear it without rebooting. With Standard OS, you need to reboot to clear expired entries from the table.

0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Building small business network 4 72
What is CPU in "RP/0/RSP0/CPU0:router#"? 6 46
The purpose of using BGP 33 102
Google Play app store not being blocked from smartphones 4 53
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question