# We'll probably be retiring our SonicWall TZ-190. Any suggestions on a replacement?



## hbquikcomjamesl (Jul 1, 2015)

Our TZ-190 seems to be showing its age; it crashed twice in less than a week.

And we're more than a little bit puzzled (see my other thread, with the typo in the title, calling it a "TX-190") about setting up a VPN on it, while we're up and running, without taking our whole network down in the process.

Any suggestions on a reliable, easy-to-configure, router/firewall/VPN appliance that will support remote users (off-site employees), on both WinDoze and Mac, who need to pass through our public IP address in order to get to other remote systems?


----------



## MitchConner (May 8, 2015)

What's your budget mate?


----------



## hbquikcomjamesl (Jul 1, 2015)

Well, we were looking at a TP-Link TL0ER604W (with a street price of about $100 US), which supports VPN protocols that apparently have clients built into both WinDoze and Mac, but which also seems to have gotten some terrible reviews (and I note that TP-Link seems to have practically no third-party references or tutorials online, whereas SonicWall has a huge body of third-party support).

And I know just enough about the whole subject of routers, firewalls, and VPNs to know just how little I know, and to be completely terrified of the prospect of poking around with live, mission-critical, network connection hardware without expert supervision.

By the way, is the requirement of having different subnets at opposite ends of a tunnel something peculiar to SonicWall Global VPN, or is it universal to all VPNs? I've taken some baby steps towards moving our internal network off 192.168.1.x.


----------



## MitchConner (May 8, 2015)

Normally your encryption domain (the traffic to be encrypted) needs to be defined at both ends of the VPN. They'll need to be NAT exempt so you can't route to the same subnet across the link. It'd work public IP to public IP.

How many ports are you currently using on your sonicwall?


----------



## hbquikcomjamesl (Jul 1, 2015)

MitchConner said:


> How many ports are you currently using on your sonicwall?


Like I said, I know just enough about these things to know how little I know.

Are we talking physical connections? I believe we're using just the wired WAN (no WWAN, and that card slot is empty), one wired LAN connection, and WiFi.

Are we talking TCP port numbers? Well, there's most of the usual ones, like Telnet, Secured TN5250, FTP, HTTP, HTTPS, maybe SSH, and various database protocols, as well as a few that are proprietary to our own products (especially our CRM product).

Are we talking about something else? Then I haven't a clue.


----------



## MitchConner (May 8, 2015)

Just the physical ports mate 

Last question, how many remote users do you have accessing over VPN?


----------



## hbquikcomjamesl (Jul 1, 2015)

As many as 4-5 in all, but most likely no more than 1 or 2 at the same time, particularly since most of them would only need the VPN connection for situations where they need to pass through our public IP address to get to places they can't reach directly.


----------



## MitchConner (May 8, 2015)

Thanks mate.

For your budget, I would go for something from the Cisco SOHO RV range of routers:
Cisco RV215W-E-K9-G5 - Router RV215W Wireless N VPN Firewall - Ebuyer

That's roughly 103 American currency units.

Cisco RV Routers:
Cisco Small Business RV Series Routers - Products & Services - Cisco

It's basically a combo box (router,firewall,VPN, content filter, wireless) with a super easy GUI. It'll last you a long time as well.


----------



## hbquikcomjamesl (Jul 1, 2015)

Hmm. That seems to be a European version. Is this substantially the same thing?


----------



## MitchConner (May 8, 2015)

It'll be exactly the same mate.


----------



## hbquikcomjamesl (Jul 1, 2015)

Thanks. And we're already familiar with Cisco products, and with Linksys products from the period when they were a subsidiary of Cisco, and so that's a plus as well. The way you talk about it, it looks like it might even be simple enough even for me to deal with, without inviting disaster.


----------



## MitchConner (May 8, 2015)

Cisco SOHO products are ridiculously easy to configure mate  But if you do get stuck at all, just give us a shout.


----------

