Solved

Sonicwall nodes

Posted on 2009-03-31
2
1,021 Views
Last Modified: 2012-06-21
I am looking into a TZ180 for a client and am trying to understand this node thing.
Lets assume we get the 10 node version and we have 20 machines on the network....
(I know I should probably be getting the 25 node version)
but my question is will the other 10 machines not be able to access the internet at all? Or will they just not be protected by the "firewall"?
It says that it supports 1024 dhcp leases which is why I am confused.  What exactly are the 10 nodes for?  Just the firewall features?
Thanks.
0
Comment
Question by:splitrockit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 32

Assisted Solution

by:dpk_wal
dpk_wal earned 62 total points
ID: 24046251
By 10 node license it means that any first users on a network of 20 users would be able to access the internet, any user from 11 and onwards would be denied internet access.
There would no compromise for any user on firewall part.
If you wish to have few machines not access the internet you can configure Node License Exclusion List [System > Licenses].

DHCP lease is for internal network management and has nothing to do with node license; consider an example where there are only 7 users on an office and 5 printers; normally printers would not access internet. In this case 10 user node license would serve the purpose, also DHCP would be able to lease IP address to all 12 devices (7 users and 5 printers) however, still a max of 10 users get to internet.

The way node licenses are used, whenever a machine from internal zones attempts to send traffic to WAN interface a license is consumed for that machine. Any subsequent traffic uses same license for that machine. After a 5 minute period of inactivity, hosts are considered inactive and the license is freed and can be utilized by other hosts on the network.

Please let know if you need more information.

Thank you.
0
 
LVL 17

Accepted Solution

by:
ccomley earned 63 total points
ID: 24048394
The "nodes" are "IP addresse on the LAN (or DMZ) side of the firewall which can access the WAN.

The first ten (twenty five, etc) that the Sonicwall sees are given access, after that, you will see a Licence Exceeded enty i the log and the eleventh (twenty sixth) computer to try to access the internet will get no response. Such computers can still see LAN resources, but can't access the outside world.

If you find that things like printers are taking up "slots" in the table, you can write DENY rules which prevent them from talking to the net, if they can't talk they don't get filled in in the table and counted.

However, if you have more than 10 actual bums on seats (and you should allow for your server(s) and for any guest users) then you need better than a 10user box.

Note - with Enhanced OS on the Sonicwall you can clear down the table and start over, so if a visitor has "used" up a valuable node count you can clear it without rebooting. With Standard OS, you need to reboot to clear expired entries from the table.

0

Featured Post

Major Incident Management Communications

Major incidents and IT service outages cost companies millions. Often the solution to minimizing damage is automated communication. Find out more in our Major Incident Management Communications infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Router disappearing from network on one pc 18 51
Can't access router with user and pass 10 109
Mac address in Nexus7K fex port 5 46
Router Issue? 9 32
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question