Add Your Review
Read 36 Reviews by Users
|Pros: || |
- Excellent logging and alert features
- Very good Access controls, including Time
- Very good Content controls
| || |
|Cons: || |
- Slower than less expensive products
- No port range forwarding
- No "DMZ"
- Expensive feature upgrades
| || |
11/06/01 - SOHO2 and SOHO firmware upgraded to 126.96.36.199 for new VPN enhancments.
2/01 - Replaced by the SOHO2. (See Tele2 review.)
1/11/01 - Port range mapping and other improvements have been made in version 5.1.0 and higher firmware. See this page for Release Notes.
Check this page for a summary of the SOHO's capabilities.
|Indicators || |
|Connectors || |
|Comes with || |
|Other || |
It's taken me long enough to review one of the products that helped to establish the category of inexpensive routers, but after enough reader requests (and procrastination), I finally dug into this very feature-rich product.
The good news is that if you've been unhappy with the limited feature offerings of many of the products in this market, you're gonna love the SOHO. It has a lot of what you've been looking for: a secure firewall with excellent logging, report and alert functions; extensive access control and content filtering features; and even a One-to-One NAT feature that lets you share more than one public IP address with firewall protected clients.
What's not so good news, though is the slower speed and more limited port forwarding capabilities of the SOHO. For that story, however, you'll have to read on....
Warning! This is a looonng review. If you have specific interests, go to the bottom of the page and use the links to take you where you want to go.
The SOHO comes with a printed quickstart guide and user manual, and a Java-based setup wizard that makes setting up easy. A companion CD is also included that contains PDF versions of these and other docs. The CD also includes utility software, copies of the Adobe Acrobat reader, Netscape browser, and router firmware. All the PDF documentation and more is located at the SonicWall FTP site. The SonicWall support Web site also has an extensive FAQ file, which you can either search or browse.
As I said, the setup wizard makes setup easy, but you'll need to assign a static IP address in the 192.168.168.X range to the computer that you use for setup because the SOHO comes set with an IP address of 192.168.168.168 and the LAN DHCP server turned off. The SOHO also doesn't come with the WAN side set to be a DHCP client, so there's little chance of doing a "plug-and-go" installation. The wizard forces you to set a admin password as part of the setup, but doesn't do any checking to make sure that the password is a strong one.
Once you get set up, you'll need to reset the IP address of the computer that used for setup and the Sonicwall tells you this clearly as the wizard finishes up its work. You can play with the setup Wizard via the SonicWall Web site so I won't bother with any screen shots, and just give you some key setup features:
The SOHO can handle single or multiple Static IPs, single dynamic IP, or PPPoE WAN connections.
It does not have any special support for RoadRunner TAS login
It does not handle WAN Mac address cloning or changing (MediaOne and other MAC address authenticated users should note that the router serial number is its WAN MAC address.)
You can enter Domain and Host Names, for @Home setup
Once you login to the SOHO's Web Management Interface, however, you'll find plenty of knobs to twiddle. You can see for yourself with SonicWall's Management Interface demo.
As you work you way through the Management Interface menus, it seems like the feature set just goes on and on. After working with the SOHO for a few days, I found that although it has lots of features that other less expensive products don't have, it lacks some features that you may expect to find. So before we dig into the extensive feature set, let's take a look at what you'll be missing:
Also known as "default server" in some routers, this feature allows you to place one LAN computer completely outside the router firewall. You won't find this feature in the SOHO, since SonicWall's focus is security (they do call the product an "Internet Security Appliance" after all...) and they feel that this is an inherently insecure way to allow WAN traffic past the firewall. See the Access section of the review for what the SOHO does provide for getting traffic through the firewall.
Port Range Forwarding:
You can set access rules on up to 128 single TCP, UDP, or ICMP ports (more on this later), but you can't forward port ranges and you won't find triggered port maps either. Instead SonicWall has built special handling into the SOHO for NetMeeting and other applications that require special port handling.
WAN address "loopback":
If you have LAN based servers that you set as Public servers, you'll have to reach them via their private LAN IP address from LAN side machines.
10/100 switched LAN ports:
The 4 LAN ports are 10BaseT only and they are repeated, not switched. In other words the LAN side is a four port 10BaseT hub. Note that port number 4 is hard-wired as a crossover port, so you'll need to use a crossover cable to connect a normal LAN client, i.e. a computer to that port. Although a short crossover cable is provided with the SOHO, it seems an odd design choice.
Bummed? Don't be. There are plenty of features to get your LAN securely connected to the net. Let's start by looking at the Access controls.