Wireless > Settings
328
SonicOS Enhanced 4.0 Administrator Guide
• Static routes must be entered on the Access Point TZ 170 Wireless to route back to the
LAN subnets of the Bridge Mode TZ 170 Wireless.
Referring to the example network, TZ 170 Wireless1 must have static routes to 10.20.20.x/24
via 172.16.31.2 and to 10.30.30.x/24 via 172.16.31.3
Configuring VPN Policies for the Access Point and Wireless Bridge
Access Point Configuration
After Wireless Settings are defined, the WiFiSec connections (VPN Policies) must be
configured. The VPN Policies are defined as would any other site-to-site VPN policy, typically
with the following in mind:
• The Access Point wireless security appliance must specify the destination networks of the
remote sites.
• The Access Point wireless security appliance must specify its LAN management IP address
as the Default LAN Gateway under the Advanced tab.
• The Wireless Bridge Mode wireless security appliance must be configured to use the tunnel
as the default route for all internet traffic.
Referring to the example network, the Access Point wireless security appliance has the
following two VPN Policies defined:
• One policy to the Site_A address object at 10.20.20.0: