Network > Zones
200
SonicOS Enhanced 4.0 Administrator Guide
–
Enable Dynamic Address Translation (DAT) - Wireless Guest Services (WGS)
provides spur of the moment “hotspot” access to wireless-capable guests and visitors.
For easy connectivity, WGS allows wireless users to authenticate and associate, obtain
IP settings from the TZ 170 Wireless DHCP services, and authenticate using any web-
browser. Without DAT, if a WGS user is not a DHCP client, but instead has static IP
settings incompatible with the TZ 170 Wireless WLAN network settings, network
connectivity is prevented until the user’s settings change to compatible values.
Dynamic Address Translation (DAT) is a form of Network Address Translation (NAT)
that allows the TZ 170 Wireless to support any IP addressing scheme for WGS users.
For example, the TZ 170 Wireless WLAN interface is configured with its default address
of 172.16.31.1, and one WGS client has a static IP Address of 192.168.0.10 and a
default gateway of 192.168.0.1, while another has a static IP address of 10.1.1.10 and
a gateway of 10.1.1.1, and DAT enables network communication for both of these
clients.
–
Enable External Guest Authentication - Requires guests connecting from the device
or network you select to authenticate before gaining access. This feature, based on
Lightweight Hotspot Messaging (LHM) is used for authenticating Hotspot users and
providing them parametrically bound network access.
Note Refer to the SonicWALL Lightweight Hotspot Messaging Tech Note available at the
SonicWALL documentation Web site
http://www.sonicwall.com/us/Support.html for
complete configuration of the Enable External Guest Authentication feature.
–
Custom Authentication Page - Redirects users to a custom authentication page when
they first connect to a SonicPoint in the WLAN zone. Click Configure to set up the
custom authentication page. Enter either a URL to an authentication page or a custom
challenge statement in the text field, and click OK.
–
Post Authentication Page - Directs users to the page you specify immediately after
successful authentication. Enter a URL for the post-authentication page in the filed.
–
Bypass Guest Authentication - Allows a SonicPoint running WGS to integrate into
environments already using some form of user-level authentication. This feature
automates the WGS authentication process, allowing wireless users to reach WGS
resources without requiring authentication. This feature should only be used when
unrestricted WGS access is desired, or when another device upstream of the
SonicPoint is enforcing authentication.
–
Redirect SMTP traffic to - Redirects SMTP traffic incoming on this zone to an SMTP
server you specify. Select the address object to redirect traffic to.
–
Deny Networks - Blocks traffic from the networks you name. Select the subnet,
address group, or IP address to block traffic from.
–
Pass Networks - Automatically allows traffic through the WLAN zone from the
networks you select.
–
Max Guests - Specifies the maximum number of guest users allowed to connect to the
WLAN zone. The default is 10.
Step 15 Click OK to apply these settings to the WLAN zone.