https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5801

Similar documents

Configuring Virtual Access Points

SonicOS 5.6 Feature Overview

2/22/2016 UTM: How to Open FTPS traffic to a Passive mode FTP Server behind the SonicWALL (SW10094)

VPN Auto Provisioning

SonicOS Enhanced Release Notes

Creating Wireless Networks

SonicOS Enhanced Release Notes

Key Features... 2 Known Issues... 3 Resolved Issues... 5 Upgrading SonicOS Enhanced Image Procedures... 6 Related Technical Documentation...

SonicOS Enhanced Release Notes

Grandstream Networks, Inc. GWN76xx Wi-Fi Access Points Master/Slave Architecture Guide

TECHNICAL NOTE MSM & CLEARPASS HOW TO CONFIGURE HPE MSM CONTROLLERS WITH ARUBA CLEARPASS VERSION 3, JUNE 2016

Exam HP2-Z32 Implementing HP MSM Wireless Networks Version: 7.1 [ Total Questions: 115 ]

SonicOS Release Notes

SonicOS Enhanced Release Notes

SonicOS Enhanced Release Notes

Contents. Platform Compatibility. Beta SonicOS Enhanced Release Notes for NSA Series. SonicOS

WAP9112/9114 Quick Start Guide

Configuring a VAP on the WAP351, WAP131, and WAP371

SonicWALL strongly recommends you follow these steps before installing Global VPN Client (GVC) 4.0.0:

Configuring 802.1X Authentication Client for Windows 8

SonicWALL Security Appliances. SonicWALL SSL-VPN 200 Getting Started Guide

Basic Wireless Settings on the CVR100W VPN Router

Pre-Installation Recommendations... 1 Platform Compatibility... 1 New Features... 2 Known Issues... 2 Resolved Issues... 3 Troubleshooting...

Platform Compatibility... 1 Enhancements... 2 Known Issues... 3 Upgrading SonicOS Enhanced Image Procedures... 3 Related Technical Documentation...

SonicOS Release Notes

Quick Start Guide for Standalone EAP

SonicOS Enhanced Release Notes

HP0-Y44. Implementing and Troubleshooting HP Wireless Networks.

Dell SonicWALL SonicOS

PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server

HOW TO SETUP CFS POLICIES WITH LDAP AND SSO TO RESTRICT INTERNET ACCESS ON CFS 3.0

Add a Wireless Network to an Existing Wired Network using a Wireless Access Point (WAP)

DWS-4000 Series DWL-3600AP DWL-6600AP

Configuring Hybrid REAP

Chapter 1 Introduction

Internet access system through the Wireless Network of the University of Bologna (last update )

Integrating SonicWALL PRO-Series/E-Class UTM Appliances with HP ProCurve Manager Plus/Network Immunity Manager

SonicOS Enhanced Release Notes SonicWALL, Inc. Software Release: February 6, 2006

SonicWALL TZ 180 Wireless Recommends Guide

LevelOne. Quick Installation Guide. WHG series Secure WLAN Controller. Introduction. Getting Started. Hardware Installation

Configuring Botnet Filters

Contents. Platform Compatibility. Directory Connector SonicWALL Directory Services Connector 3.1.7

SonicPoint and SonicOS Enhanced 2.5

ENH900EXT N Dual Radio Concurrent AP. 2.4GHz/5GHz 900Mbps a/b/g/n Flexible Application

Release Notes. Release Purpose... 1 Platform Compatibility... 1 Upgrading Information... 1 Browser Support... 2 Known Issues... 3 Resolved Issues...

Procedure: You can find the problem sheet on the Desktop of the lab PCs.

Aruba ACMP. Aruba Certified Mobility Professional

Clean wireless. High-performance clean wireless solutions

SonicWALL strongly recommends you follow these steps before installing Global VPN Client (GVC) 4.1.0:

Contents. Platform Compatibility. Directory Connector SonicWALL Directory Services Connector 3.1.7

WAP3205 v2. User s Guide. Quick Start Guide. Wireless N300 Access Point. Default Login Details. Version 1.00 Edition 2, 12/2012

NXC Series. Handbook. NXC Controllers NXC 2500/ Default Login Details. Firmware Version 5.00 Edition 19, 5/

Wireless LAN Controller Web Authentication Configuration Example

SonicOS Enhanced Release Notes SonicWALL, Inc. Firmware Release: November 3, 2008

WFS709TP Case Scenario: Wireless deployment for a Corporate and Public network

VLAN HOW-TO USER GUIDE

SonicWALL TZ 150 Wireless. Getting Started Guide

FortiNAC. Cisco Airespace Wireless Controller Integration. Version: 8.x. Date: 8/28/2018. Rev: B

WiFi CampPro 2 User Manual V01

Cisco Meraki. Spectralink VIEW Certified Configuration Guide

Configuring EAP for Wireless Network Connectivity By Victor Zapata

MSM320, MSM410, MSM422, MSM430,

User Guide. Omada Controller Software

SonicOS Release Notes

Cisco Exam Questions and Answers (PDF) Cisco Exam Questions BrainDumps

Case Study Captive Portal with QR Code authenticator assisted

54Mbps Pocket Wireless Access Point (WL-330g)

SonicWall Global VPN Client Getting Started Guide

Chapter 4 Advanced Settings and Features

Sonicwall NSA220 / TZ215 / TZ300,400,500 Configuration Guide (Firmware: SonicOS Enhanced o & up)

SonicOS Standard Release Notes SonicWALL, Inc. Software Release: June 4, 2009

VPN Configuration Guide SonicWALL with SonicWALL Simple Client Provisioning

Cloudpath and Aruba Instant Integration

Cyberoam Wireless Protection Guide. Version 10

Radiolabs Bridge in a Box Setup

Learn How to Configure EnGenius Wi-Fi Products for Popular Applications

VOCOM II. WLAN Instructions. VOCOM II Tough

WISNETWORKS. WisOS 11ac V /3/21. Software version WisOS 11ac

Wireless Setup Instructions

Manual UCSFwpa Configuration for Windows 7

SonicWALL / Toshiba General Installation Guide

ENH900 EXT ENH900 EXT. Wireless 11N Outdoor Dual Band Dual Concurrent AP /CB PRODUCT OVERVIEW

High Availability on the SonicWALL TZ 210

M a/b/g Outdoor Layer-2 MESH AP

WL 5011s g Wireless Network Adapter Client Utility User Guide

Configuring a Basic Wireless LAN Connection

Installation & Setup of your Access Networks Ruckus Wireless System

SonicWALL Hardware Failover License Synchronization

Notebook Adapter. Quick Installation Guide WPC300N (EU/LA) Package Contents

WISNETWORKS. WisOS 11ac V /3/21. Software version WisOS 11ac

D-Link AirPlus G DWL-G700AP

MSC-5100 Promotional Bundle Quickstart

How to connect your device using eduroam

Insight Basic and Premium Mobile App and Cloud Portal User Manual

HPE IMC UAM BYOD Quick Deployment on Mobile Device Configuration Examples

Deployment Guide for Cisco Guest Access Using the Cisco Wireless LAN Controller, Release 4.1

DPI-SSL. DPI-SSL Overview

Click on Close button to close Network Connection Details. You are back to the Local Area Connection Status window.

5 Tips to Fortify your Wireless Network

Transcription:

Page 1 of 7 Home Welcome Guest Log In Unread Messages : 0 E-mail Print Subscribe? Related Bookmark Search View all items in: UTM/Firewall/VPN > 1.5 Wireless / SonicPoint > Wireless Configuration UTM/Firewall/VPN > 1.5 Wireless / SonicPoint > Virtual Access Point (VAP) Rating: 9.00 out of 10 (3 Ratings) Rate Question/Topic UTM - Wireless: Configuring a Virtual Access Point (VAP) Profile for Wireless Corporate Users using SonicPoints Answer/Article Applies to: This article applies to the following firmware versions and product models: Category: Wireless, Virtual Access Point (VAP) SonicOS Enhanced firmware (3.5 and above) SonicWALL firewall (UTM) appliances: Pro 2040, PRO 3060, PRO 4060, PRO 5060, PRO 4100. SonicWALL Network Security (NSA) Appliances: NSA 2400, NSA 3500, NSA 4500, NSA 5000, NSA E5500 (E-Class), NSA E6500, NSA E7500 Gen5 TZ Series: TZ 100, TZ 100 Wireless, TZ 200, TZ 200 W, TZ 210, TZ 210 Wireless (SonicOS Enhanced 5.6.3.0 and above). SonicWALL Wireless appliance: SonicPoint Overview / Scenario: You can use a Corporate LAN VAP for a set of users who are commonly in the office, and to whom should be given full access to all network resources, providing that the connection is authenticated and secure. These users would already belong to the network s Directory Service, Microsoft Active Directory, which provides an EAP interface through IAS Internet Authentication Services Deployment Steps: Step 1: Configuring a Zone Step 2: Creating a VLAN Sub-Interface on the WLAN Step 3: Configuring DHCP IP Ranges Step 4: Creating a SonicPoint VAP Profile Step 5: Creating the SonicPoint VAP Step 6: Deploying VAPs to a SonicPoint Procedure: Step 1: Configuring a Zone In this section you will create and configure a new corporate wireless zone with SonicWALL UTM security services and enhanced WiFiSec/WPA2 wireless security. 1. Log into the management interface of your SonicWALL UTM appliance. 2. In the left-hand menu, navigate to the Network > Zones page. 3. Click the Add... button to add a new zone. General Settings Tab 1. In the General tab, enter a friendly name such as VAP-Corporate in the Name field. 2. Select Wireless from the Security Type drop-down menu. 3. Select the Allow Interface Trust checkbox to allow communication between wireless guests. 4. Select checkboxes for all of the security services you would normally apply to wired corporate LAN users.

Page 2 of 7 Wireless Settings Tab 1. In the Wireless tab, check the Only allow traffic generated by a SonicPoint checkbox. 2. Select the checkbox for WiFiSec Enforcement to enable WiFiSec security on this connection. 3. Select Trust WPA/WPA2 traffic as WiFiSec to enable WPA/WPA2 users access to this connection. 4. Select a provisioning profile from the SonicPoint Provisioning Profile drop-down menu. The default profile is SonicPoint, but you may also create and select a custom provisioning profile. For information on creating your own custom SonicPoint Provisioning Profile, see "Creating a SonicPoint Provisioning Profile". 5. Click the OK button to save these changes. Your new Zone now appears at the bottom of the Network > Zones page, although you may notice it is not yet linked to a Member Interface. This is your next step. Step 2: Creating a VLAN Sub-Interface on the WLAN In this section you will create and configure a new VLAN sub-interface on your current WLAN. This VLAN will be linked to the Zone you created in the Configuring a Zone section

Page 3 of 7 1. In the Network > Interfaces page, click the Add Interface button. 2. In the Zone drop-down menu, select the Zone you created in Configuring a Zone. In this case,we have chosen VAP- Corporate.. 3. Enter a VLAN Tag for this interface. This number allows the SonicPoint(s) to identify which traffic belongs to the VAP- Corporate VLAN. You should choose a number based on an organized scheme. In this case, we choose 50 as our tag for the VAP-Corporate VLAN. 4. In the Parent Interface drop-down menu, select the interface that your SonicPoint(s) are physically connected to. In this case, we are using X2, which is our WLAN interface. 5. Enter the desired IP Address for this sub-interface. 6. Select a limit for the number of SonicPoints from the SonicPoint Limit drop-down menu. This defines the maximum number of SonicPoints this interface will support and allows for appropriate address space allocation to the SonicPoints. 7. Optionally, you may add a comment about this sub-interface in the Comment field. 8. Click the OK button to add this Sub-Interface. Your VLAN sub-interface now appears in the Interface Settings list. Step 3: Configuring DHCP IP Ranges Because the number of available DHCP leases vary based on your platform, the DHCP scope should be resized as each interface/sub-interface is defined to ensure that adequate DHCP space remains for all subsequently defined interfaces. To view the maximum number of DHCP leases for your SonicWALL PRO series UTM appliance, refer to the SonicOS: Maximum allowed DHCP leases for SonicWALL Security Appliances article. 1. In the left-hand menu, navigate to the Network > DHCP Server page. 2. Locate the interface you just created, in our case this is the X2:V50 (virtual interface 50 on the physical X2 interface) interface. Click the Configure (Edit) icon corresponding to the desired interface. Note: If the interface you created does not appear on the Network > DHCP Server page, it is possible that you have already exceeded the number of allowed DHCP leases for your SonicWALL. For more information on DHCP lease exhaustion, refer to the SonicOS: Maximum allowed DHCP leases for SonicWALL Security Appliances article. 3. Edit the Range Start and Range End fields to meet your deployment needs.

Page 4 of 7 4. Click the OK button to save these changes. Your new DHCP lease scope now appears in the DHCP Server Lease Scopes list. Step 4: Creating a SonicPoint VAP Profile In this section, you will create and configure a new Virtual Access Point Profile. You can create VAP Profiles for each type of VAP, and use them to easily apply advanced settings to new VAPs. This section is optional, but will facilitate greater ease of use when configuring multiple VAPs. 1. In the left-hand menu, navigate to the SonicPoint > Virtual Access Point page. 2. Click the Add... button in the Virtual Access Point Profiles section. 3. Enter a Profile Name such as Corporate-WPA2 for this VAP Profile. 4. Select WPA2-AUTO-EAP from the Authentication Type drop-down menu. This will employ an automatic user authentication based on your current RADIUS server settings (Set below). 5. In the Maximum Clients field, enter the maximum number of concurrent connections VAP will support. 6. In the WPA-EAP Encryption Settings section, enter your current RADIUS server information. Wireless clients will communicate with this EAP capable RADIUS server for credential controlled access to the SonicPoint, and for establishing shared key information for encrypted communication with the SonicPoint. 7. Click the OK button to create this VAP Profile. Step 5: Creating the SonicPoint VAP In this section, you will create and configure a new Virtual Access Point and associate it with the VLAN you created in Creating a VLAN Sub-Interface on the WLAN section 1. In the left-hand menu, navigate to the SonicPoint > Virtual Access Point page. 2. Click the Add... button in the Virtual Access Points section. 3. Enter a default name (SSID) for the VAP. In this case we chose VAP-Corporate, the same name as the Zone to which it will be associated. 4. Select the VLAN ID you created in "VLAN Sub-Interfaces"section from the drop-down list. In this case we chose 50, the VLAN ID of our VAP-Corporate VLAN. 5. Check the Enable Virtual Access Point checkbox to enable this access point upon creation. 6. Check the Enable SSID Suppress checkbox to hide this SSID from users

Page 5 of 7 7. Click the OK button to add this VAP. Your new VAP now appears in the Virtual Access Points list. Advanced Tab (Authentication Settings) 1. Click the Advanced Tab to edit encryption settings. If you created a VAP Profile in the previous section, select that profile from the Profile Name list. We created and choose a Corporate-WPA2 profile, which uses WPA2-AUTO-EAP as the authentication method. If you have not set up a VAP Profile, continue with steps 2 through 4. Otherwise, continue to Create More / Deploy Current VAPs secion, 2. In the Advanced tab, select WPA2-AUTO-EAP from the Authentication Type drop-down menu. This will employ an automatic user authentication based on your current RADIUS server settings (Set below). 3. In the Maximum Clients field, enter the maximum number of concurrent connections VAP will support. 4. In the WPA-EAP Encryption Settings section, enter your current RADIUS server information. This information will be used to support authenticated login to the VLAN. Create More / Deploy Current VAPs Now that you have successfully set up a VLAN for Corporate LAN access, you can choose to add more custom VAPs, or to deploy this configuration to your SonicPoint(s) in the Deploying VAPs to a SonicPoint secion Timesaver: Remember that more VAPs can always be added at a later time. New VAPs can then be deployed simultaneously to all of your SonicPoints by following the steps in the Deploying VAPs to a SonicPoint s. Step 6: Deploying VAPs to a SonicPoint In the following section you will group and deploy your new VAPs, associating them with one or more SonicPoint Radios. Users will not be able to access your VAPs until you complete this process: Grouping Multiple VAPs Creating a SonicPoint Provisioning Profile Grouping Multiple VAPs In this section, you will group multiple VAPs into a single group to be associated with your SoncPoint(s). 1. In the left-hand menu, navigate to the SonicPoint > Virtual Access Point page. 2. Click the Add Group... button in the Virtual Access Point Group section. 3. Enter a Virtual AP Group Name. 4. Select the desired VAPs from the list and click the -> button to add them to the group. Optionally, click the Add All button to add all VAPs to a single group.

Page 6 of 7 5. Press the OK button to save changes and create the group. Creating a SonicPoint Provisioning Profile In this section, you will associate the group you created in the Grouping Multiple VAPs section with a SonicPoint by creating a provisioning profile. This profile will allow you to provision settings from a group of VAPs to all of your SonicPoints. 1. In the left-hand menu, navigate to the SonicPoint > SonicPoints page. 2. Click the Add button in the SonicPoint Provisioning Profiles section. 3. Click the Enable SonicPoint checkbox to enable this profile. 4. In the Name Prefix field, enter a name for this profile. 5. Select a Country Code from the drop-down list. 6. From the 802.11 Radio Virtual AP Group pull-down list, select the group you created in the Grouping Multiple VAPs section 7. To setup 802.11g WEP or 802.11a WEP/WPA encryption, or to enable MAC address filtering, use the 802.11g and 802.11a tabs. If any of your VAPs use encryption, configure these settings before your SonicPoint VAPs will function. Note: If any of the VAPs in your VAP Group use WEP, the WEP settings must be defined on the SonicPoint Profile (or the individual SonicPoint) prior to the assignment of that VAP Group to the target. For example, if you configure a VAP within the group to use WEP Key 1, you must configure WEP Key 1 on the target SonicPoint Profile or SonicPoint prior to VAP Group assignation. 8. Click the OK button to save changes and create this SonicPoint Provisioning Profile. 9. Click the Synchronize SonicPoints button at the top of the screen to apply your provisioning profile to available

Page 7 of 7 SonicPoints. Your SonicPoint may take a moment to reboot before changes take place. After this process is complete, all of your VAP profiles will be available to wireless users through this SonicPoint. Associating a VAP Group with your SonicPoint If you did not create a SonicPoint Provisioning Profile, you can provision your SonicPoint(s) manually. You may want to use this method if you have only one SonicPoint to provision. This section is not necessary if you have created and provisioned your SonicPoints using a SonicPoint Profile. 1. In the left-hand menu, navigate to the SonicPoint > SonicPoints page. 2. Click the Configure button next to the SonicPoint you wish to associate your Virtual APs with. 3. In the Virtual Access Point Settings section, select the VAP group you created in Grouping Multiple VAPs from the 802.11g (or 802.11a) Radio Virtual AP Group drop-down list. In this case, we choose VAP as our Virtual AP Group. 4. Click the OK button to associate this VAP Group with your SonicPoint. 5. Click the Synchronize SonicPoints button at the top of the screen to apply your provisioning profile to available SonicPoints. Your SonicPoint may take a moment to reboot before changes take place. After this process is complete, all of your VAP profiles will be available to wireless users through this SonicPoint. Note: If you are setting up guest services for the first time, be sure to make necessary configurations in the Users > Guest Services pages. For more information on configuring guest services, refer to the SonicOS Enhanced Administrator s Guide. Source: SonicOS: SonicOS Enhanced 5.0 Virtual Access Points Feature Module Related Items UTM - Wireless: Configuring a Virtual Access Point (VAP) Profile for Wireless Guest access using SonicPoints SonicOS: SonicOS Enhanced 5.0 Virtual Access Points Feature Module [PDF] UTM - Wireless: Configuring a Virtual Access Point (VAP) Profile for Wireless Corporate Users on TZ Series KBID 5801 Date Modified 10/18/2010 Date Created 12/10/2008

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback