Emergency Question - Need a firewall

wolfstar76 · 2013-07-25T17:46:30.000Z

So, my SonicWall NSA 2400 just died hard.

A replacement unit ~might~ be here tomorrow (up against a shipping deadline and SonicWall support is being. . . odd).

Crazy question of the week: Does anyone have a spare firewall/UTM device lying around that our company could rent on an emergency provision? A matching SonicWall would be ideal, as I have a backup config - but we’re dead in the water at the moment (I’m on my 4G Wifi Hotspot at the moment).

Would love to hear suggestions. Considering picking up a router/firewall at BestBuy real quick and trying to finagle that to work - just to get e-mail flowing and basic services, but I’m kinda concerned that our traffic flow would be a bit much for an off the shelf device to process.

Not to mention it wouldn’t REALLY get me up and running the way I need.

frol · 2013-07-25T17:55:55.000Z

I do have old Cisco PIX 515 on shelf. Not SonicWall though.

joematuscak · 2013-07-25T18:04:09.000Z

Maybe this is off the wall, but If you have a spare desktop there are a number of free firewall distributions that you can download and install. For example:

Arista - Edge Threat Management – 9 Jun 11

Edge Threat Management takes the complexity out of network security.

Get everything you need in a single, modular platform that fits the evolving needs of your organization without the headaches of multiple point solutions.

http://www.ipcop.org/

They can also be installed in a virtual machine if you have a virtual host that has an open NIC you can dedicate to the WAN side of the firewall.

wolfstar76 · 2013-07-25T18:05:41.000Z

I can probably slam a laptop into place temporarily, Joe. Lemme look into that.

frol · 2013-07-25T18:21:26.000Z

Wolf, don’t forget, you’ll need 2 NICs at least. Any laptop with them?

wolfstar76 · 2013-07-26T14:56:41.000Z

Got our SonicWall replacement this morning.

Happy SysAdmin day to me, I get to rebuild all my firewall rules from scratch.

joematuscak · 2013-07-26T15:30:09.000Z

Sorry if this is a dumb question, we’ve got a Sonicwall at a location that we acquired but I’m pretty unfamiliar with them. Do they have a configuration backup capability?

wolfstar76 · 2013-07-31T15:33:59.000Z

So, here’s what I’ve learned through hardcore trial and error.

I was pushing the button on my Sonicwall with each change that allows it to create it’s own backup internally. This shows up in SYSTEM > SETTINGS as “System Backup” - and I even had a copy of that .sig file downloaded, so that - should the worst ever happen (like this) I could just re-upload that file and BAM, we’d be up and running again.

Well.

That isn’t the case. ALLEGEDLY if I reboot my currently working device into “safe mode” (hardware reset it and reboot) I could upload that .sig and all my settings would come back - but I’ve put too much manual labor into restoring things by hand at this point, and am secretly afraid that uploading that firmware .sig might re-corrupt my “new” SonicWall.

What I ~should~ have done was go to SYSTEM > SETTINGS and used the “Export Settings” option to download an .exp file. THIS would allow me to re-upload my configuration and be up and running in nearly no time.

LEARN FROM MY MISTAKE.

If you’re responsible for a SonicWall - download your current settings via that button every time you make a change, and save that file somewhere secure (I dump mine into the Spiceworks Hardware profile for the Sonicwall, and trust that the Spiceworks backups (which get dumped and backed up to a file server) will give me multiple redundancies in this.