activateahsd
asked on
Draytek firewall just for wireless management behind Sonicwall Gateway Firewall
Hi
Can i have a Draytek Vigor 2860 behind another firewall?
The reason I am asking is that the company are going to upgrade the firewall to a Sonicwall Next Gen firewall but the existing firewall (the Draytek) manages the wireless access points so i want to keep it on the the network if possible but just for that task rather than for its 'firewall abilities'.
Can this be done?
Thanks,
Andrew
Can i have a Draytek Vigor 2860 behind another firewall?
The reason I am asking is that the company are going to upgrade the firewall to a Sonicwall Next Gen firewall but the existing firewall (the Draytek) manages the wireless access points so i want to keep it on the the network if possible but just for that task rather than for its 'firewall abilities'.
Can this be done?
Thanks,
Andrew
ASKER
So the Draytek would sit between the Sonicwall and the switch?
Can it be done so the Sonicwall goes into the Switch and the Draytek just comes off the Sonicwall independantly (but on the same LAN subnet)?
Reason being that i dont want the Draytek to be a point of failure that could affect the whole network.
Thanks
Andrew
Can it be done so the Sonicwall goes into the Switch and the Draytek just comes off the Sonicwall independantly (but on the same LAN subnet)?
Reason being that i dont want the Draytek to be a point of failure that could affect the whole network.
Thanks
Andrew
from a security perspective, you would always put WLAn on a different security zone.
well optionally you can also put the draytek on the same lan as the SonicWall and leave it's WAN port disconnected.
If it's a DHCp server for the WLAN make sure to provision the SonicWall's IP address instead of the draytek.
Perhaps easier, but dfinlety less secure...
well optionally you can also put the draytek on the same lan as the SonicWall and leave it's WAN port disconnected.
If it's a DHCp server for the WLAN make sure to provision the SonicWall's IP address instead of the draytek.
Perhaps easier, but dfinlety less secure...
ASKER
OK thanks, that makes sense, if the WAN port is disconnected then i guess the firewall within the Draytek is redundant?
Thanks
Andrew
Thanks
Andrew
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
great thanks
then use the draytek as a router to the LAN
you will have to add a route ont he Sonicwall fo rthe subnet behind the draytek