Solved

Sonicwall Questions NSA 2400 and TZ 210 Wireless N

Posted on 2011-02-28
74
10,759 Views
Last Modified: 2012-05-11
I was shown the Setup Guides for "UTM - Wireless: Configuring a Virtual Access Point (VAP) Profile for Wireless Corporate Users using SonicPoints" along with the same one for VAP-Guests.

The guide is easy to follow but I am not able to get past Step 2 on the Corporate Guide
https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5801 (thanks digitap)

also, the Guest Access Point Guide (KB for Virtual Guess Access Point

The problem is when I first got the router the Support from SonicWall had me bridge the SonicPointN to the LAN port. See the attached picture.

So, I am confused on what to do. I need to be able to follow the two guides because it is what I need to do. I need two access points (maybe more) that would allow guests to access web sites not allowed by the company.

Issue 2) Our Building is approx 17,000 square feet (one level) will one SonicPoint N work or do I need a 2nd one?

Issue 3) We have a HA Unit for the NSA 2400 (it cost 1/3 the price of the NSA 2400).  I noticed there is an option for HA (high availability) for the TZ 210 Wireless N, is there a "dummy" unit or do you purchase the exact same full functioning TZ 210 at the same cost ?
Thanks
nsawireless.JPG
0
Comment
Question by:parmor
  • 38
  • 31
  • 4
  • +1
74 Comments
 
LVL 33

Expert Comment

by:digitap
Comment Utility
1) So, on step to of the Corp wireless service, you are unable to create the vlan interface? have you already chosen an interface to manage the sonicpoints and assigned it the WLAN zone? if you have more than one sonicpoint AND you want to have a guest/corp configuration, then you'll want a switch that will handle VLANs. the ports that the sonicpoint are connected to will be tagged members of the vlans that you create on the sonicwall WLAN interface. also, the port on the switch that connects to the WLAN interface on the sonicwall needs to be a tagged member of the vlans as well.

also, you may need to reset the sonicpoint N to factory defaults to remove the bridge. you don't want to bridge. you'll want to use the steps you already have to create the vlans so you can manage the sonicpoint virtual access points for corp/guest access. forget the bridge.

2) You might need two. It also depends if there is a lot of wireless access points in the area. download a copy of netstumbler and put it on your laptop. it's free and will list waps in the area and give you a graphical representation. if there is a lot of disturbance from other access point, this will cause drops so you may need to increase your signal strength. i usually have to do a wireless survey.

3) Yes, you can HA the TZ210. i believe it's just like the 2400. i've not priced HA with the 210, but they do cost less than the 2400 so getting into an HA with the 210 is very affordable. especially if you don't need the power that comes with the 2400. amzaon has a 210 without wireless for $640. they also have a 2400 for $1,000. if i remember correctly, sonicwall comes down on pricing for the second HA unit? also, i'm not sure if either of those prices comes with the total secure package (GAV, content filter, etc.).
0
 
LVL 24

Expert Comment

by:rfc1180
Comment Utility
>Issue 2) Our Building is approx 17,000 square feet (one level) will one SonicPoint N work or do I need a 2nd one?

Depending on the material between offices and rooms, etc. this could get you around 1 AP per 3000 Sq. Ft. Do you have a floor plan you can attach, I can attach some predictions to get you an estimation.
0
 

Author Comment

by:parmor
Comment Utility
sorry, other work has come up (as usual)

digitap: Is there an easy way to remove the bridge?  I finally have the router working (VPN) and I don't want to have to reset the whole thing unless it is absolutely necessary.
I think the Bridge is the reason I cannot create the VLAN interface.  The Bridge is what is causing the WAN and WLAN to use the same Port X0 or X1 (one or the other).

2 SonicPoints is what I was thinking.  When I had it up and running the people at the other end of the building could occasionally pick up the signal.  I had the SonicPoint in my office which is at the other end.
I will download the netstumbler and see what shows up. Thanks

3)I am still confused about the HA unit for the TZ210.  I have the NSA 2400 with the NSA 2400 HA (cost about 1/3 the price of the full unit, approx $1000)  
The TZ210 Wireless N I am getting the same price quote as I did for the original TZ210 Wireless N for the HA unit. Maybe, they aren't quoting me an HA unit but are quoting a 2nd Full unit running in HA mode??

rcf1180: I don't have a floor plan to attach but there doesn't seem to be much interference as I have temporarily set up two APs on each side of the building.  Basically its one big rectangle separate by the Entry way and further in two restrooms.
0
 
LVL 33

Accepted Solution

by:
digitap earned 500 total points
Comment Utility
so, you are bridging through the X2 interface on the sonicwall to the LAN? that's the impression i get when i view the interfaces page in the diagram of your question. you'd simply need to disable the bridge and change the WLAN subnet to something else...like 192.168.4.0/24. then, the sonicwall goes from bridging to routing and you can configure the vlans on the X2 interface. does that make sense?

regarding HA of the 210. either they are not quoting you the full price or they don't give price breaks for the 210 HA since it's so much less than a 2400. i'll check with my sources and see what pricing we get. sound good?
0
 

Author Comment

by:parmor
Comment Utility
Kind of LOL.
I can disable the bridge.  How do I keep it on the same subnet where the wireless users have access to our network resources?

Also, on the NSA 2400, when I connect via VPN to our network, I have no problems accessing the resources and PCs/Servers inside the network, however,  I cannot connect to the NSA 2400 to make changes. How do I add my username to the "Group" to make changes when connected via VPN?
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
first, here is a KB to setup the sonicwall on the WLAN in bridge mode. is this what support had you do?

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7081


second, you're wanting to manage the sonicwall via the WAN GroupVPN SA. go to the config settings for the WAN GroupVPN and go to the Advanced tab. there, you will see the option to enable Management via this SA. HTTP; HTTPS; SSH. enable whichever you need.

i'd also recommend enabling management on the WAN interface. first, though, you'll want to change the default https port under System > Administration. otherwise, if you have ports open for an internal http(s) server, this setting will mess that up. pick something like 44342 or something. then, enable management on the WAN interface. when you connect, you'd type this into IE: https://publicip:44342

0
 

Author Comment

by:parmor
Comment Utility
digitap:
Yes that is what support had me do.

Well I am having some problems but they are on my end I guess.
For me to modify the Settings on the router (I am not in the building) I go to Network->Interfaces->Configure the WAN
I enabled HTTPS check box I received a warning about Security Issues. Clicked OK. I clicked Apply and I get "Error: Not allowed in current mode"

Just to let you know: Since I am not in the building and cannot connect using the SonicWall VPN Client I am using the internal Windows VPN which does allow me to access the Sonicwall via the internal IP.
Is that the reason I am getting this error (see attached image)?  Or I am in the incorrect place?

 Wan Settings for NSA 2400
0
 

Author Comment

by:parmor
Comment Utility
digitap:

Also, I saw a post that you answered (TZ210 and multiple SonicPoints and also had a similar question with my TZ 210.  I have the TZ210 Wireless N (antennas attached to TZ210) and I am looking at adding a SonicPoint Ni (Internal antennas).  

Can I have the TZ210 Wireless N and the SonicPoint Ni share the same SSID like you pointed out in the link?

 I would also like to do that with 2 SonicPoint Ne's on the NSA2400.
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 500 total points
Comment Utility
look in the upper right hand corner. you should see the current mode. you might be in non-config. if you click it, you can change the mode. see my screen shot. i was in non-config mode in the screen shot.

you should still be able to manage the device through the windows vpn. to the sonicwall, you are on the internal network. enabling management at the WAN interface makes you free from the dependence of the vpn to access your sonicwall outside the network.
greenshot-2011-03-07-16-13-38.jpg
0
 

Author Comment

by:parmor
Comment Utility
Another quick side question : Looking at adding a 2nd sonicpoint, besides the internal antenas I cannot see any difference between the Ne and Ni and the price is BIG difference.  Am I missing something?
0
 

Author Comment

by:parmor
Comment Utility
D'oh, yes Non-config mode. Must be because I tried to log in while connecting with the Sonicwall VPN Client software.
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 500 total points
Comment Utility
regarding http:#a35062149, there is no limitation on mixing different sonicpoint models. the only limitation is that you cannot use the internal wireless of the TZ210 with the sonicpoints. the TZ210 internal wireless ends up being managed separately from the sonicpoints.

sonicpoints have a special provisioning protocol that's "injected" onto the interface that you have the WLAN zone configured. so no, you can't do that. it will ONLY provision sonicpoints and not the TZ210 internal wireless.

regarding the 2400, that shouldn't be a problem. you'll need a switch to connect the X2 (WLAN) interface and the two sonicpoints to. once you setup the sonicpoint provisioning profiles, you'll be set. if you don't have a spare switch, then you can carve out an isolated network within a managed switch.
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
regarding the Ne and Ni price difference. i'm on the technical side and never see the costs associated with the hardware, so i can't really answer that question well. i'm guessing the Ni are more expensive that the Ne, which makes sense to me. they have to make the Ni tx/rcv wireless signals as well as the Ne, so that might be the cost difference.

also, make sure you get PoE injectors. you probably already know this, but they don't come with their own AC adapter. in fact a PoE injector or PoE switch is the only way to power the new sonicpoints.
0
 

Author Comment

by:parmor
Comment Utility
digitap:
sorry, I was just wanting to know what technical differences there were between the Ne and Ni.  I need to purchase a 2nd unit for the NSA 2400 and the Ni is much cheaper.  The sales guy said the range is about 10 ft difference but if that is all I would rather save the money on an Ni.  I can almost buy two Ni's for one Ne.

RE: TZ 210 Wireless N - Would it be wise to disable the Internal Antennas and get 2 SonicPoint Ni's rather than have the internal and external?  
0
 

Author Comment

by:parmor
Comment Utility
Also, If I go wit the TZ 210 running in HA mode and I disable the Internal Antennas, wouldn't that mean I only need a TZ 210 and not the more expensive Wireless unit?
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 500 total points
Comment Utility
if you are going to HA the 210s, i would disable the wireless. i rarely buy the wireless with the TZ series anyway, unless the precise conditions warrant it. for instance, small office that would NEVER need a sonicpoint. they've got instructions for setting up guest services and corp services with the internal wireless so you really don't need sonicpoints if you're going to get that fancy. typically, most small companies aren't going to get that fancy.

you might want to check with sonicwall. typically, the sonicwall appliances have to be identical. i don't know if simply disabling the wireless will be close enough to call a non-W tz210 identical.
0
 

Author Comment

by:parmor
Comment Utility
So do you know of any technical differences between the Ni's and the Ne's?
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
nope. looking at their website, it doesn't look like there's much of any differences other than the physical differences of the antennae...and the price, of course. they don't have any range differences listed on the website because so many physical variables can affect this it's hard to nail down a difference between the models.

http://www.sonicwall.com/us/products/Secure_Wireless.html#tab=sonicpoint
0
 

Author Comment

by:parmor
Comment Utility
Excellent.  I called Sonicwall and they said simply disabling the Antennas would turn it in to a standard TZ 210 and I could purchase a Standard TZ 210 and use it in HA mode (just an fyi)

Now on to the NSA 2400 :)
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
cool. thought so, but never hurts to ask.

good luck!
0
 

Author Comment

by:parmor
Comment Utility
Back to the NSA 2400:
How can I Keep the WLAN on the same subnet without being bridged?  

I want users to be able to access all of the information inside of our network.

When I go the the WLAN Zone and change it from Layer 2 Bridge and give it a different IP address on the same subnet as the NSA2400 I click OK and it seems to work but the information stays the same (Still shows Layer 2 Bridged)
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
l2 bridge is the only way to do what you are asking...keeping the subnets the same. there shouldn't be any problem having separate subnets. is there a reason why we wouldn't want to do that?
0
 

Author Comment

by:parmor
Comment Utility
I am not sure how to connect two different subnets. :(


VPN->Settings->WAN GroupVPN->Configure
Also, back to problem of logging in to the NSA 2400 while using the SonicWall VPN Client software I still get an error saying I don't have admin access. How do I get my login (domain user) admin access to change settings on the appliance.

I checked the box (see image) for https and still no go.
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
ok...let me worry about that. first, let's look at the management stuff. what group are you using to assign rights to internal networks within the WAN GroupVPN settings? also, you need to create a user on the sonicwall that's NOT called admin. i created one called LocalAdmin. i added it to the group identified in the WAN GroupVPN settings and i added it to the Sonicwall Administrators group. i then configured it to have access to the LAN subnets. give it a password and you'll be ready to go.

actually, click Users > Settings and make sure it's configured with RADIUS + Local Users  or just Local Users, or whatever auth method you use. just make sure that it has Local Users.
0
 

Author Comment

by:parmor
Comment Utility
Hey digitap!

Now I am really confused. I have never really understood PoE to begin with but my latest purchase has made it more confusing.
I purchased a 4 pack of SonicPoint Ni's. I open the box to find that they do NOT have the PoE injector kits with them and are not sold with the 4 (or 8) packs for either Ne or Ni. How the heck do I use them without power?
I purchased 4, 2 will be installed on the NSA 2400 that currently has an unconfigured SonicPoint Ne giving me a total of 3 sonicpoints for the NSA2400

Next, I purchased a 2nd TZ210 for a different location To be used as an HA unit and will disable the internal wireless radios currently on the TZ 210 Wireless N like we spoke about before. The other two  SonicPoint Ni's will be used at this smaller location.

How can I get these 4 new SonicPoint Ni's to work without the PoE injector kits?
Thank you
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
you'll need to purchase a poe switch. i purchase 3com poe switches. i don't know what's available in a small poe switch. you can also just purchase the sonicwall poe injectors but i prefer poe switches.

i attached a wireless best practice guide from sonicwall which has suggestions for poe switches.

that's a bummer. i believe the single Ne sonicpoints do come with poe injectors, but i don't know either 'e' or 'i' in the 4 packs or more didn't.
SonicWALL-SonicPoint-Deployment-.pdf
0
 

Author Comment

by:parmor
Comment Utility
Are these ok?
Cisco - SRW2008P-K9-NA?
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
it looks like it will work from the specs that i see on google. i'm not a cisco guy and am not familiar with this hardware. i think most cisco appliances will work. it's not "cisco express" so i think you're good. it is a layer 3 so you need to look at the best practice guide to make sure you are following their recommendation for layer 3 switches.
0
 

Author Comment

by:parmor
Comment Utility
Just as an FYI what are you using (model #)?
tks
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
certainly. we use:

3CBLSF26PWR
3Com Baseline Switch 2426-PWR Plus

you probably don't need the 24 port.
0
 

Author Comment

by:parmor
Comment Utility
Ok I have both the PoE injectors and the switches. So I will probably use the switches.

On the NSA 2400 I have 3 SonicPoints (2 Ni's X4, X5 and 1 Ne, X2) do I need to work on cloning them or whatever it's called before I setup the Corporate and Guest SSIDs or what is the next step? I still have to change the subnet for the WLAN. Again do I do that first or what Is next?
I also have an HA unit can I connect it last?

Same with the TZ210 wireless N (disabled antennas) with a 2nd unit that needs to be setup in HA mode along with 2 Ni's.
Thanks
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
my best advice for setting up the ssids:


Guest
https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5798

Corp
https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5801

i think this would go for tz210 as well.

is that what you were looking for?
0
 

Author Comment

by:parmor
Comment Utility
I have printed those out earlier but haven't followed all of the steps yet because of the bridged WLAN.
In an earlier post you mentioned I can use one SSID so users wouldn't have to constantly change APs when roaming the building.
Is that setup part of either doc? Or is that some other doc?
0
 

Author Comment

by:parmor
Comment Utility
Since I cannot connect to the NSA 2400 I am working on the TZ 210 Wireless N

Maybe you can help with this.  
I went through the Manual that came with the 2 SonicPoint Ni's that I connected.  Page 14 tells you to Register Your Appliance on Mysonicwall.com.

I had no problems going through Steps 1-4, its 5 and 6 that are not working: 1-4 Is to register the Sonicpoints and I was able to register them. All three items show up  under my account (TZ 210 Wireless N, SonicPoint Ni #1 and SonicPoint Ni #2)

Instructions State:
5. To pair your SonicPoint with a SonicWALL UTM appliance, navigate to the Service Management page by clicking on the device you wish to pair with your SonicPoint.  -  OK I was able to navigate to the page.
6. Scroll to the Associated Products section and click the SonicWALL SonicPoint link to associate your SonicPoint with the Appliance. - I clicked on it but I get the following error : None of the registered products are available for this association.
Any ideas?


Also, do the SonicPoints need to be plugged directly in to the TZ210?  It is impossible for me to do that . The TZ210 is upstairs, I  could plug in SonicPoint Ni #1 (powered via PoE injector) but not #2 because it is downstairs and I only have 1 Cat 5 Cable run and it goes to the Cisco Switch that provides Power via PoE for the SonicPoint #2.
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
they don't have to be plugged directly into the sonicwall. as long as the switch your sonicpoints are plugged into are connected to the sonicwall, you're fine.

that's odd the Ni's aren't registering.  what firmeware is your sonicwall? if not, i'd recommend putting your sonicwall at the 5.8 firmware and try again.
0
 

Author Comment

by:parmor
Comment Utility
Sorry I was registering online.  I have the latest firmware SonicOS Enhanced 5.8.0.2-37o

I did not activate them on the device, is that the problem? I logged in to my account online.

While I was waiting I messed up more stuff ;)
I plugged  Ni #1 into X4

I then took the Cat5e Cable that went from the Dell Switch (power connect 2816) downstairs that connected to the new Cisco PoE Switch and moved it to X5.  So, X5 is now directly connected to the Cisco PoE.

I am wanting to Use one SSID so when you go from one floor to the other you don't have to switch SSIDs.  How do I do that?  I am really confused about the SonicPoints.  At first they were configured as standalone, now the upstairs one is showing up in the TZ210:  SonicPoint-->SonicPoints.  Just the one is listed right now on the X4 (WLAN) interface.

My network is 192.168.1.1 (TZ 210) - 254.  DHCP is set to 192.168.1.200-248

I had to add the SonicPoint Ni #1 to a different Subnet for it to work (?) it is on 192.168.10.1 subnet 255.255.255.0  Not sure how the Ni #1 got the IP of 192.168.10.239 but it did.

Do I now have to add X5 to another subnet?  Because it wouldn't work on the 192.168.10.1 subnet.

Again I am trying to get both Ni's to act as a single one so I don't have to keep switching SSIDs going from one floor to another.
0
 

Author Comment

by:parmor
Comment Utility
OH and how do I then get X4 (192.168.10.1, 255.255.255.0) to talk to both Ni#2 and Servers/Computers on 192.168.1.1, 255.255.255.0?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:parmor
Comment Utility
OK Now  Ni #2 is on 192.168.11.1, 255.255.255.0

So to make it easier:
TZ 210 - 192.168.1.1   - 255.255.255.0
SonicPoint Ni #1 - 192.168.10.1    -   255.255.255.0
SonicPoint Ni #2 - 192.168.11.1    -   255.255.255.0
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
let's get one switch working and then we'll add the other. if you want to use other networks on the PoE switch, you'll need to create a vlan. are you ONLY going to have the sonicpoints on the poe switches?
0
 

Author Comment

by:parmor
Comment Utility
No.  
Right now.  Ni # 1 is using a PoE plugged directly in to X4 of the TZ 210
Ni # 1 - 192.168.10.1 network

Ni # 2 is plugged in to a Cisco PoE Switch  in to X5 of the TZ 210
Ni # 2 - 192.168.11.1 network
Ni # 2 Cisco PoE Switch also has 2 other devices connected to it. One PC and one Printer.


TZ 210 - 192.168.1.1 network.
Also, I disabled the Internal Antennas on the TZ 210 Wireless N so it is now just a TZ 210 sonicpoint info
0
 

Author Comment

by:parmor
Comment Utility
The Dell Switch is plugged in to X0
0
 

Author Comment

by:parmor
Comment Utility
Right now.  Ni # 1 is using a PoE plugged directly in to X4 of the TZ 210
sorry, Ni # 1 is using a PoE Injector in to X4, is what I meant to say.
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
your settings look correct. in your response about regarding steps 5 and 6, i don't see that anywhere in my links i provided you. i've never had to pair the sonicpoints with the sonicwall. all i've ever had to do was to create my VAPs and the sonicpoints would be provisioned as longs they were connected to the proper ports on the sonicwall.

now, i've never had to use multiple switches. i'd recommend to you that you consider doing something different than what you are doing now. you have a single provisioning profile using the same SSID on two different interfaces. i'm not sure that the sonicwall will provision them correctly, but maybe it will.  what i'd do is setup one of the interfaces (x5) in transparent mode so that they are on the ame subnet. to be honest, i believe the VAPs need to be on the same subnet. either that or you need to add a little four port switch for Ni #1 and the cisco switch with the four port switch connected to the X4 interface.
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
you need to get your sonicpoints on the same subnet. when you are ready to put in the guest wireless (if you are), then you need to create a new subnet for the guest network. this will need to be on the same port of the sonicwall.
0
 

Author Comment

by:parmor
Comment Utility
Right now I am only using two switches for simple purposes.  X1 connects to the Dell Switch which has nothing to do with the two SonicPoint Ni's (correct?)

Ni #1 is plugged in to a PoE injector and directly in to X4
Ni # 2 is plugged in to X5 then in to a Cisco PoE Switch that has Ni # 2, a Printer and a PC.

How do I know if it is or isn't working?

When I use my iphone I see one SSID ( i used the same name on both Ni's) Does that mean anything?


Also another thing to add is why are the X4 and X5 WLAN Is showing 100Mbps, why can't I change it to 300Mbps

The only reason I was concerned about steps 5 and 6 is because right now  I cannot download any firmware for the Ni's nor do I have support for them.   I would have assumed that equipment I added to my TZ 210 would use the Support for it.  Am I wrong?  Should they be using the same support and have options to download the firmware?
Or when connected and showing up in the SonicPointsN they do get updated?

Network-Settings.JPG
0
 

Author Comment

by:parmor
Comment Utility
What are the steps to get them on the same subnet?
0
 

Author Comment

by:parmor
Comment Utility
what i'd do is setup one of the interfaces (x5) in transparent mode so that they are on the ame subnet. to be honest,
How do I do that?
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 500 total points
Comment Utility
when a sonicpoint is connected to a sonicwall interface that's assigned the WLAN zone, the sonicwall will provision it. there is a default provisioning profile. you only need to create virtual access points if you are going to have only one SSID. if not, the default provisioning profile is sufficient.

when the sonicpoint checks in with the sonicwall, it receives the profile and the sonicwall will check the firmware on the sonicpoint. if it needs to be updated, it will receive the firmware directly from the sonicwall.

you really only need to connect one sonicpoint to the X4 interface and see if it appears under sonicpoints > sonicpointsNs. i have a screen shot attached of a sonicwall of what you should see. whether you are using corp or guest ssids, the sonicpoints should appear here.
sonicpoints.jpg
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
wait...forget the transparent idea. i just tried it on a sonicwall and it doesn't let me.
0
 

Author Comment

by:parmor
Comment Utility
When I go in to interfaces and add WLAN on X4 with VLAN 1 I try to add the same thing for X5 but I get the following:
Error: Subnet on this interface overlaps with another interface  
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
i need to see your sonicwall.
0
 

Author Comment

by:parmor
Comment Utility
ok I see the picture but how the heck did you configure all three on the same Interface?
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
a switch. i connected all the sonicpoints to a poe switch and connected the switch on the sonicwall interface. when the sonicpoints came online, they received the provisioning profile from the sonicwall. the sonicpoints rebooted and came online as you see it in the pic.
0
 

Author Comment

by:parmor
Comment Utility
Should I delete X5 on the interfaces?  
I think the first thing I did was log in to the SonicPoints and change the IPs from the default 192.168.1.20 to something else on both of them.
Then I manually added them to the Interfaces. I guess that was all wrong.
0
 

Author Comment

by:parmor
Comment Utility
I am going to do this.  The Dell Switch is just a standard switch.
I will plug both the Cat5e Cables that have X4 (PoE injector) and the X5 (Cisco PoE switch) in to the dell switch.  Then plug the Dell Switch in to X4. Does that seem right?
0
 

Author Comment

by:parmor
Comment Utility
Do I leave X4 on a different subnet?  Are all three of your SonicPoints on a different subnet from your Sonicwall Device?
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
http:#a35174112 - yes, i'd say set the sonicpoints to factory defaults. they'll be set to dhcp and pull an ip from the x4 interface and pull the provisioning profile.

http:#a35174113 - i understand you said this,

"I then took the Cat5e Cable that went from the Dell Switch (power connect 2816) downstairs that connected to the new Cisco PoE Switch and moved it to X5.  So, X5 is now directly connected to the Cisco PoE."

then, you said later that the Dell switch was connected to the X0 interface. i'm getting confused as to what's plugged into where.

did you create a vlan on the X4 interface?

what i'd do now is to reset the sonicpoint and connect it directly to the x4 interface. see if it communicates properly with the sonicwall. get one working and we'll look at the others.
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
see a screen shot of my sonicwall interfaces. i'm only communicating on the two vlans. my switch has the two vlan setup. the ports the sonicpoints and sonicwall are connected to are all untagged members of the two vlans.
interface.JPG
0
 

Author Comment

by:parmor
Comment Utility
Sorry it is confusing to me too.

Prior to getting the SonicPoints:

Cable modem goes in to WAN port of TZ 210 (X1)

LAN port of TZ 210 (X0) is plugged in to Dell PowerConnect 2816 Switch.

One port on the Dell Switch goes downstairs to a small 5 port DLink gigabit Switch.  I had a Belkin AP in one port, a PC in another port and a network printer was plugged in to a 3rd port.

In the remaing Dell Switch I have 2 PCs, 1 Server, 1 Network Printer.  Directv Whole Home install (one cat5 cable) and a Laptop.
----
After Purchasing the SonicPoints
Ni # 1 Changed IP to a static IP of 192.168.1.92
Ni # 2 Changed IP to a static IP of 192.168.1.93

I removed the downstairs cheap dlink 5 port switch, unplugged the Belkin AP and set it aside (not plugged in anywhere)
I plugged in the Cisco PoE Switch after configuring the IP on it and giving full power to Port 8 (SonicPoint Ni #2).  Also, plugged in to the Cisco PoE switch, a PC and a Network Printer.

Upstairs: Plugged in the PoE injector and connected 2 Cat5e Cables to it. One to the SonicPoint Ni the other to the Dell Switch.

In the SonicPoint screen on the TZ 210 I saw nothing other than the profile I created a long time ago when the internal Antennas were used.

So I unplugged Ni # and plugged it in to X4 and then configured it as a WLAN interface and gave it an IP of 192.168.10.1 (because it had to be on a different subnet).

It showed up in the SonicPoint Screen.  So I then unplugged the Cable to the Cisco Switch from the Dell Switch and plugged it in X5 and configured it as a WLAN and gave it an IP of 192.168.11.1
---



0
 

Author Comment

by:parmor
Comment Utility
re: 35174133
ahh  I see.  Let me add a VLan to X4 for the the Ni #2

How do I reset the Interfaces?  The X5 still shows the data and I don't know what W0 is still doing there.
 interfaces as of now
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
i think W0 will stay there regardless, but as long as you have the wireless turned off, you'll be fine. just remove the zone from X5 and that will disable it. do you need more than one vlan?
0
 

Author Comment

by:parmor
Comment Utility
I plugged #1 with PoE injector to Dell Switch.
#2 that is plugged in to Cisco PoE Switch is now plugged in to Dell Switch.

Dell Switch now goes to X4.

I only need one vlan.
I tried to add
They both Show up now in the SonicPoint screen on the same subnet. sonicpoints
0
 

Author Comment

by:parmor
Comment Utility
I tired to match yours by adding the second Ni in the interfaces using Vlan Tag: 1 but I still get an error message about the subnet on this interface overlaps with another interface.
0
 

Author Comment

by:parmor
Comment Utility
Let deal with this on Monday. You are up late and I am too :)
I just had to deal with the Kstate loss. Hopefully KU makes up for tomorrow.
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
i'm not sure. i think seeing will help. i'm not into sports. i'm currently watching mst3k: The Crawling Eye.
0
 

Expert Comment

by:nextwavepc
Comment Utility
Mind if I join in? I am having similar issues, I have a TZ210 Wireless I turned off WIFI ) 8 SonicPoint Ni. I have them connected to a switch and the switch in my X2 interface. The corporate wifi works perfect. They now want to add guess access. When I goto set this up I dont have a selection to add an interface. All I have is WLAN Subnet and I am not able to set up VLAN. Any ideas?
Thanks!
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
so, you go to network > interface and click Add Interface on the right...then, select WLAN and select the interface associated with the WLAN zone. right? what part of this process is giving you challenges?
0
 

Expert Comment

by:nextwavepc
Comment Utility
I dont have the add interface button. This is what is perplexing to me. Am I missing it? My interfaces
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
you've bridged your X0 interface with your X2 interface. if you want to vlan, then you'll need to break the bridge and put the X2 interface on it's own subnet.
0
 

Expert Comment

by:nextwavepc
Comment Utility
great. So if I do that how will I have the corporate users have access to network resources and not the guests.
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
to answer that question, refer to my response in this question, http:#a35162679. if you have further challenges and need additional help, create an EE question and reference it here. i'd be happy to provide further assistance.
0
 

Expert Comment

by:nextwavepc
Comment Utility
0
 

Author Comment

by:parmor
Comment Utility
Last question:

I am not onsite and need to walk someone through plugging in the HA unit in to the NSA 2400.  Which port Port needs to be used on both devices to connect them correctly? Anything else needed prior to getting it setup in the Admin Site?
Thanks
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 500 total points
Comment Utility
on the GEN5 models, whichever interface you've designated the HA interface will be the ports the sonicwalls will connect to each other directly. the respective X0/X1 interfaces will connect to their own switch. here is the KB for setting up HA on the sonicwall enhanced appliance.

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=6234

0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
In the modern office, employees tend to move around the workplace a lot more freely. Conferences, collaborative groups, flexible seating and working from home require a new level of mobility. Technology has not only changed the behavior and the expe…
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now