Support User Manuals

SonicWALL 3 Home Security System User Manual

Open as PDF

of 348

SONICWALL SONICOS STANDARD 3.0 ADMINISTRATOR’S GUIDE

143

Wireless > Settings

Network Settings for the Example Network

Wireless Bridging (without WiFiSec)

To provide compatibility with other non-WiFiSec wireless access points, the TZ 170 Wireless supports

a non-secure form of wireless bridging, but insecure wireless communications should only be

employed when data is non-sensitive. By default, WiFiSec Enforcement is enabled on Wireless

Settings for Wireless Bridge Mode. To connect to a non-WiFiSec access point, this checkbox must

be disabled. Since VPN tunnels are not established in non-secure Wireless Bridging deployments,

traffic routes must be clearly defined for both the Access Point and the Bridge Mode sites:

• The default route on the Bridge Mode TZ 170 Wireless must from the WLAN interface to the

WLAN interface of the connecting Access Point TZ 170 Wireless.

 Referring to the example above, the default route on TZ 170 Wireless2 and TZ 170 Wireless3

is set via their WLAN interfaces to 172.16.31.1.

• Static routes must be entered on the Access Point TZ 170 Wireless to route back to the LAN sub-

nets of the Bridge Mode TZ 170 Wireless.

 Referring to the example network, TZ 170 Wireless1 must have static routes to 10.20.20.x/24

via 172.16.31.2 and to 10.30.30.x/24 via 172.16.31.3

Configuring VPN Policies for the Access Point and Wireless Bridge

Access Point

After Wireless Settings are defined, the WiFiSec connections (VPN Policies) must be configured. The

VPN Policies are defined as would any other site-to-site VPN policy, typically with the following in

mind:

• The Access Point TZ 150 Wireless/TZ 170 Wireless must specify the destination networks of the

remote sites.

• The Access Point TZ 150 Wireless/TZ 170 Wireless must specify its LAN management IP address

as the Default LAN Gateway under the Advanced tab.

• The Wireless Bridge Mode TZ 170 Wireless must be configured to use the tunnel as the default

route for all internet traffic.

Device Mode SSID Channel LAN IP Address WLAN IP

Address

TZ 170

Wireless1

Access Point myWLAN 1 10.10.10.254/24 172.16.31.1/24

TZ 170

Wireless2

Wireless Bridge myWLAN 1 (auto) 10.20.20.254/24 172.16.31.2/24

TZ 170

Wireless3

Wireless Bridge myWLAN 1 (auto) 10.30.30.254/24 172.16.31.3/24

TZ 170

Wireless4

Access Point otherWLA

N

6 10.30.30.253/24 172.16.31.1/24

previous next