Author Topic: Firewall for Site to Site - SonicWALL TZ 100 - Vulcan, others? (Read 557 times)

Ghastly · « **on:** May 28, 2010, 07:26:06 AM »

Does anyone have any comment or experience with using the SonicWALL TZ line (100 in particular) to establish a network of Site to Site VPN's?

The Netgear's FVS318G's I've been using are a) limiting, in that I now have much more bandwidth than they have IPSEC bandwidth and an ever increasing nightly transfer size b) are causing problems with streaming video that doesn't happen through any other router we've used c) one of the three is getting flaky anyway, and I have to replace it.

Or does someone have a recommendation for a better $200-300 router with an IPSEC bandwidth of greater than about 15 Mbps or so?

Oh, and it must allow AH traffic

- one of them goes on my home network. Not that I get to play any more, but some day, I'll have time again!

<S> and thanks in advance for any input.

Guy

RTHolmes · « **Reply #1 on:** May 28, 2010, 08:02:18 AM »

have a look at draytek 2820 series, I use them for site to site VPNs

http://draytek.com/user/PdListbyCategory.php?action=LoadData&Typeid=25

Ghastly · « **Reply #2 on:** May 29, 2010, 10:40:49 AM »

Thanks RTHolmes. I looked at the link, but ended up orderering a pair of TZ 200's. I can get them through my regular vendor, which means I can box them back up and send 'em back if I don't like what I get.

Thanks for the input though - they do look like they could be a decent solution.

<S>

Vulcan · « **Reply #3 on:** May 30, 2010, 07:31:55 PM »

TZ-100's/200's rock, they have dedicated crypt CPU's, so perform better than your run of the mill SOHO router. Draytek says it's hardware based VPN but doesn't put any spec's to it (which is odd).

Let me know if you have any questions with the 200's config

RTHolmes · « **Reply #4 on:** May 31, 2010, 08:09:19 AM »

the 2820s use Infineon (now Lantiq) Danube Dual MIPS 24KEc @333MHz chipset, although I believe there is a separate copro for encryption and others for running the network stack and other functions. enough power in other words

never had a draytek fall over due to flood attacks where cheap home routers eventually give up, they just keep chugging along

edit: chipset details here (2820s use the S version with the additional IPSec processor):
http://www.lantiq.com/uploads/tx_abzlantiqproducts/PB-e-0029-v1_lres_01.pdf

Ghastly · « **Reply #5 on:** May 31, 2010, 10:51:27 AM »

Thanks guys - Vulcan, good to know that you like them, given your experience. I was torn between opting for the 200's and going with the 100's. From what I could see, the 100's should have been more than powerful enough but... I opted for the "fix it once and forget it" solution for a few dollars more, rather than find out that the 100's were still limiting me.

Have a great holiday!

Aces High Bulletin Board

Author Topic: Firewall for Site to Site - SonicWALL TZ 100 - Vulcan, others? (Read 557 times)

Ghastly

Firewall for Site to Site - SonicWALL TZ 100 - Vulcan, others?

RTHolmes

Re: Firewall for Site to Site - SonicWALL TZ 100 - Vulcan, others?

Ghastly

Re: Firewall for Site to Site - SonicWALL TZ 100 - Vulcan, others?

Vulcan

Re: Firewall for Site to Site - SonicWALL TZ 100 - Vulcan, others?

RTHolmes

Re: Firewall for Site to Site - SonicWALL TZ 100 - Vulcan, others?

Ghastly

Re: Firewall for Site to Site - SonicWALL TZ 100 - Vulcan, others?