Professional Documents
Culture Documents
UTM - Wireless: Configuring a Virtual Access Point (VAP) Profile for Wireless Corporate Users on TZ Series
Answer/Article
Article Applies To:
SonicWALL Security Appliance Platforms: Gen5 TZ Series (Built-in Wireless): TZ 100 Wireless, TZ 200 W, TZ 210 Wireless. Firmware/Software version: SonicOS Enhanced 5.6.0.0 or higher Services: Virtual Access Point (VAP) Please Note: To configure VAP on TZ 100, TZ 200, TZ 210 (via SonicPoint) refer KBID 5801 (SonicOS Enhnaced 5.6.3.0 or higher)
Feature/Application:
You can use a VAP for a set of users who are commonly in the office, on campius, and to whom should be given full access to all network resources, providing that the connection is authenticated and secure. These users would already belong to the networks Directory Service, Microsoft Active Directory, which provides an EAP interface through IAS Internet Authentication Services.
Deployment Steps:
The following are required areas of configuration for VAP deployment: Step 1: Adding a Wireless LAN (WLAN) Sub-Interface for VAP Step 2: Adding a DHCP Scope for the VAP Sub-Interface Step 3: Adding a New Virtual Access Point - Profile Step 4: Adding a New Virtual Access Point Step 5: Virtual Access Point Group Step 6: Assign VAP Group to Internal Wireless Radio
1. WLAN subnets are configured from the Network > Interfaces page.
Zone: Select WLAN VLAN Tag: Enter a number e.g 100 Parent Interface: Select W0 IP Assignment: Static IP Address/Subnet Mask (Enter IP subnet for VAP) Management (optional): Select a method if you wish to access SonicWALL appliance from VAP subnet.
3. Click OK
The DHCP server assigns leased IP addresses to users within specified ranges, known as Scopes. Take care in making these settings manually, as a scope of 200 addresses for multiple interfaces that will only use 30 can lead to connection issues due to lease exhaustion. The DHCP scope should be resized as each interface/subinterface is defined to ensure that adequate DHCP space remains for all subsequently defined interfaces. Failure to do so may cause the auto-creation of subsequent DHCP scopes to fail, requiring manual creation after performing the requisite scope resizing. 1. DHCP Server Scope is set from the Network > DHCP Server page. 2. Ensure Enable DHCP Server option is Checked 3. SonicWALL appliance will automatically add a DHCP scope when an Interface/Sub-Interface is created.
How to Test: From you wireless client computer, scan and connect to the SSID (e.g VAP-Demo-TZs) and enter the Preshared Key (e.g. if WPA is choosen). Once connected your wireless adapter will aquire an the IP address from the appropriate WLAN sub-interface.
Related Items
UTM - Wireless: Configuring a Virtual Access Point (VAP) Profile for Wireless Corporate Users using SonicPoints UTM: Troubleshooting Wireless related issues
8470 10/25/2010
Date Created
10/25/2010