Creating a public wifi seperate from our private network

Want to setup a Watchguard firebox x10e optional network to allow clients internet access but not access to the internal network.

Watchguard is connected directly to a T1 line. (The trusted network is working fine.)
I enabled the Optional network on the Watchguard with the default ip 192.168.112.1

Enabled Optional Network DHCP is on with the range 192.168.112.50 –  192.168.112.60

Plugged in a Linksys wireless access point WAP54G in access point mode to optional port on Firebox. I assigned the Linksys WAP 192.168.112.2

I can connect a computer wirelessly, the firebox optional network dhcp server assigns 192.168.112.50

But it cannot resolve internet domain names. I can ping public ip addresses.

What do I need to do to allow internet access?

Thanks,
Aaron
AJHebertAsked:
Who is Participating?
 
marine7275Connect With a Mentor Commented:
you need to configure dns on the optional network on your dhcp scope. you can use 4.2.2.2
0
 
mlongohConnect With a Mentor Commented:
You have internet access if you can ping public IP addresses.  What is DHCP assigning as DNS servers on the optional network?
0
 
Neil RussellTechnical Development LeadCommented:
What does it assign for DNS etc.
On the laptop do an IPCONFIG /ALL in a CMD window and paste the output here
0
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

 
AJHebertAuthor Commented:
The DHCP is assigning the DNS assigned on the watchguard. Which works fine on the trusted side.

Optional Network settings does not seem to have an option to set the dhcp scope? Is this done in a different setting area?
0
 
AJHebertAuthor Commented:
The DNS assigned is 64.90.1.1
0
 
mlongohCommented:
That's your problem - that server is refusing queries (at least from me) and may only be configured to accept queries from nodes on it's network.  You can change it to 4.2.2.2 or another public DNS server that your ISP has identified as usuable for you.
0
 
Neil RussellTechnical Development LeadCommented:
from the wireless connected laptop, can you ping the default gateway? Ping the DNS server? run an NSLOOKUP for www.google.co.uk, do you get a result?
 
0
 
AJHebertAuthor Commented:
Had to leave for the day. Will try using 4.2.2.2 in the morning and post an update or hopefully assign a solution.

I pinged the 64.90.1.1 and the default gateway and they ping fine.
0
 
mlongohCommented:
If you can ping public Internet addresses then you are NOT having a connection/routing problem.  You almost surely are having a DNS resolution problem.
0
 
freez965Commented:
As many others have already commented, it looks like a purely DNS issue.  Check to be sure that the WAN DNS settings are getting passed to your DHCP clients -- once that is resolved, you should have no problems...should be an easy and fast fix.
0
 
AJHebertAuthor Commented:
It's weird though, as i stated on the trusted side of the firewall we have about 15 computers that connect using the same dns setting with no issues.
0
 
AJHebertAuthor Commented:
Assigned 4.2.2.2 and it worked fine. The client informed me today that his ISP was bought out by another company. Contacted ISP and they told me that they are in the process of changing DNS settings on the network.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.