Setup and Administration
There are so many features in the TZW that if I were to write about them all, it would make this review about as long as its 283 page Administrator's guide! So in the interest of my finishing this review sometime this month, I'll try to hit the TZW's more unique highlights.
The TZW comes set to 192.168.168.168 but with its built-in DHCP servers (there are two - one each for the LAN and WLAN network segments) disabled. So you'll need to set the computer to an address in the same subnet in order to connect (Sonicwall suggests 192.168.168.200). All this is outlined in the printed Quick Start Guide that comes in the TZW's box.
TIP: After you complete initial setup, remember to change your client's settings to match the IP addressing method you choose! I forgot to set my client back to being a DHCP client after enabling the TZW's DHCP server. I had trouble browsing the web until I figured out that my client didn't have the right DNS info! Guess I should have read the Quick Start Guide, which clearly describes the proper steps...
Once you get connected, a setup wizard automatically launches to step you through the initial setup. The toughest part here is deciding which of the three scenarios matches your needs, but, even then, Sonicwall provides handy diagrams of each one to help you decide (see Figure 2).
Figure 2: Office Gateway Setup Scenario
(click on the image for a full-sized view)
I found the Admin interface logically arranged and generally responsive, although I experienced a noticeable lag when accessing it from one of my slower machines. Setting changes take about 5 seconds to save and I didn't really run into any situations that required a restart - which was a good thing since restarts and cold boots take about 90 seconds!
In keeping with the security focus of the product, both HTTP and HTTPS connections are supported for the admin interface, with the default method for administration from wireless clients set to HTTPS. Depending on your browser's settings you may get some popups warning you about security certificate acceptance, but if you just tell the browser to accept the certificates permanently, you shouldn't be bothered with them again.
Remote management can also be done via HTTP or HTTPS, and you can set the port used for each service, restrict management to a single IP address or address range, and set the admin interface idle auto-logout time and login lockout after a settable number of failed attempts.
The TZW handles the usual static, dynamic and PPPoE WAN types, but also includes the not-so-common options of PPTP and L2TP authentication, supporting static or dynamic IP addressing for each. MAC address cloning and host name authentication are also supported, but not domain-based authentication.