Solved

New Network

Posted on 2011-09-07
7
1,223 Views
Last Modified: 2012-05-12
I'm setting up a network for a small business .  I have never had to do this from scratch.  I will have a sonicwall tz-200 and then I will split off two two different wireless routers

Sonicwall TZ-200 firewall Cisco WAP4410 (internal wireless access point) Cisco WRVS4400n (Guest wireless router)

I haven't gotten the equipment in yet.  Is there any advice anyone can give me on setting this up?  
0
Comment
Question by:reschete
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 11

Expert Comment

by:epichero22
ID: 36496475
I never used that SonicWall but obviously ensure that the Guest WiFi can't reach your internal users and vice-versa, and program your Guest WiFi for AP isolation so your Guest nodes cant reach one another.

How many people are connecting to your internal WiFi?
0
 
LVL 1

Author Comment

by:reschete
ID: 36496517
i'm sure between 4-6.  I think one of my questions is how do i get the internet to each router I understand the concept of networking but I'm just confused how making two different networks and getting the internet over to each
0
 
LVL 11

Expert Comment

by:epichero22
ID: 36496576
The SonicWall has a four-port switch in the back of it.  Plug each Cisco device into one of the switch ports, and the Cisco devices will distribute their own IP addresses via DHCP.  You can then program each Cisco with a separate SSID, password, and channel (make sure the channels are at least two away from each other as they will otherwise interfere).  Each router will be given Internet via the SonicWall given that their default Gateway is an address distributed by the SonicWall's DHCP.
0
How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

 
LVL 11

Accepted Solution

by:
epichero22 earned 400 total points
ID: 36496653
If that's confusing, let me describe it in a step-by-step example of what I think you should expect:

1. Power on the SonicWall.
2. Connect each Cisco Router to it via cabling.
3. Log into each Cisco Router and specify your DHCP pool, Wireless Information, and give each router a static IP address if you can; each DHCP pool should be on a unique subnet.
4. For the Guest WiFi, enable "AP Isolation"
5. Log into the SonicWall, and see what setting you can set to disable communication between the devices.

That should be it.  I set up a network similar to your own for a dental office; he wanted his patients to use the Internet while they waited for their appointment.
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 100 total points
ID: 36496751
To isolate the guest wireless network from the rest of your network, you'll need to put them on their own zone (GuestWLAN or whatever you call it) within the sonicwall. In order to keep it simple, put the guest AP on it's own physical port and assign the guest zone to the port. The sonicwall will manage access based on zone. You'll want to assign the zone you create as a wireless zone which, by default, will not be trusted. When you view the firewall settings, you'll see that LAN <> GuestWLAN will be set to deny. However, GuestWLAN > WAN will be allowed so the guest wireless users will have internet access and that's it.

I don't know what's handing out IPs on your LAN. Whatever it is, I'd configure both access points to work in bridge mode. Have the sonicwall hand out IPs for your guest users and (if you have a Windows DHCP server) have your Windows DHCP server hand out IPs for trusted wireless users.

Speaking of trusted wireless users, I'd put your "corporate" AP on the network switch and not have it connect to the sonicwall. Keep the complexities down.


Hope that helps.
0
 
LVL 32

Expert Comment

by:aleghart
ID: 36497469
If you get the TZ-200w you can broadcast multiple SSIDs from the single appliance.  If you need more range, it can support up to 2 SonicPoint WAPs, managed from the TZ-200.  We are in the process of doing that now.

No reason to have separate WAPs for two networks.  WAPs have been able to handle multiple SSIDs and even VLANs for years.
0
 
LVL 1

Author Closing Comment

by:reschete
ID: 36717148
Thanks Guys
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question