Moving Nokia platform

[the_chicco]

Hey all.

I am a relative newbie when it comes to Checkpoint, my main areas being Pix, Netscreen, etc so please be gentle.

I have just aquired a Nokia IP330 from eBay for a good price, it's only sitting on FW-1/VPN-1 v4.1 but it does come with Enterprise software and subscription support until January 2007 so it can be upgraded.

The IP330 being an old bit of kit, I was hoping to get a more powerful Nokia from eBay and use this instead. Is that possible?

Also would there be any issues with this sitting behind a Cisco 1751 connected to an ADSL line with the External IP of the Nokia being on a private LAN range?

[rubber_chicken]

Hi,

It depends a bit on what you plan to do with the connection.

The IP330 was a decent piece of kit and I had 250 users sitting behind one sharing a 4mb internet connection. The only time it ever wobbled was when I tried to pull 200GB over it. (DMZ to Trusted @ 100MB/s) As it didn't have hardware VPN acceleration the CPU ran a little high as we had 20 site to site VPNs and about another 20 concurrent SecureClient connections terminating on it.

So if you are putting it on an ADSL connection, you should be fine.

As for the networking, you should be fine, although you may have issues with NAT if you have a big address pool.

[the_chicco]

Hey,

thanks for the reply Rubber_Chicken.

It's literally just going to be for me. 8MB ADSL link and I will have my 3 x vmware esx boxes sitting behind it, running probably 10/15 instances of 2003/ redhat es. Will have some light smtp (exchange) & http (iis / apache)traffic, dc replication, possibly 1 or 2 vpns terminating on it.

The NAT pool will be small (have only 8 publics), I only need a few to boxes to sit in the DMZ.

A 330 sounds fine for my needs then :)

[Lackie]

Quote:

Originally Posted by the_chicco

A 330 sounds fine for my needs then :)

This will be plenty for your own use.

[zyz101z]

The only thing I would watch out for on the IP330's is hard drives. The hard drives on them seem to crash way more often than other IP series servers. I used to work for a MSP where we managed about 200 IP330's. After they got a bit older we would have a server crash due to hard drive issues almost weekly. The IP350's are way better boxes. However, performance wise the 330's are very solid.