Solved

New Network

Posted on 2011-09-07
7
1,217 Views
Last Modified: 2012-05-12
I'm setting up a network for a small business .  I have never had to do this from scratch.  I will have a sonicwall tz-200 and then I will split off two two different wireless routers

Sonicwall TZ-200 firewall Cisco WAP4410 (internal wireless access point) Cisco WRVS4400n (Guest wireless router)

I haven't gotten the equipment in yet.  Is there any advice anyone can give me on setting this up?  
0
Comment
Question by:reschete
7 Comments
 
LVL 11

Expert Comment

by:epichero22
ID: 36496475
I never used that SonicWall but obviously ensure that the Guest WiFi can't reach your internal users and vice-versa, and program your Guest WiFi for AP isolation so your Guest nodes cant reach one another.

How many people are connecting to your internal WiFi?
0
 
LVL 1

Author Comment

by:reschete
ID: 36496517
i'm sure between 4-6.  I think one of my questions is how do i get the internet to each router I understand the concept of networking but I'm just confused how making two different networks and getting the internet over to each
0
 
LVL 11

Expert Comment

by:epichero22
ID: 36496576
The SonicWall has a four-port switch in the back of it.  Plug each Cisco device into one of the switch ports, and the Cisco devices will distribute their own IP addresses via DHCP.  You can then program each Cisco with a separate SSID, password, and channel (make sure the channels are at least two away from each other as they will otherwise interfere).  Each router will be given Internet via the SonicWall given that their default Gateway is an address distributed by the SonicWall's DHCP.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 11

Accepted Solution

by:
epichero22 earned 400 total points
ID: 36496653
If that's confusing, let me describe it in a step-by-step example of what I think you should expect:

1. Power on the SonicWall.
2. Connect each Cisco Router to it via cabling.
3. Log into each Cisco Router and specify your DHCP pool, Wireless Information, and give each router a static IP address if you can; each DHCP pool should be on a unique subnet.
4. For the Guest WiFi, enable "AP Isolation"
5. Log into the SonicWall, and see what setting you can set to disable communication between the devices.

That should be it.  I set up a network similar to your own for a dental office; he wanted his patients to use the Internet while they waited for their appointment.
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 100 total points
ID: 36496751
To isolate the guest wireless network from the rest of your network, you'll need to put them on their own zone (GuestWLAN or whatever you call it) within the sonicwall. In order to keep it simple, put the guest AP on it's own physical port and assign the guest zone to the port. The sonicwall will manage access based on zone. You'll want to assign the zone you create as a wireless zone which, by default, will not be trusted. When you view the firewall settings, you'll see that LAN <> GuestWLAN will be set to deny. However, GuestWLAN > WAN will be allowed so the guest wireless users will have internet access and that's it.

I don't know what's handing out IPs on your LAN. Whatever it is, I'd configure both access points to work in bridge mode. Have the sonicwall hand out IPs for your guest users and (if you have a Windows DHCP server) have your Windows DHCP server hand out IPs for trusted wireless users.

Speaking of trusted wireless users, I'd put your "corporate" AP on the network switch and not have it connect to the sonicwall. Keep the complexities down.


Hope that helps.
0
 
LVL 32

Expert Comment

by:aleghart
ID: 36497469
If you get the TZ-200w you can broadcast multiple SSIDs from the single appliance.  If you need more range, it can support up to 2 SonicPoint WAPs, managed from the TZ-200.  We are in the process of doing that now.

No reason to have separate WAPs for two networks.  WAPs have been able to handle multiple SSIDs and even VLANs for years.
0
 
LVL 1

Author Closing Comment

by:reschete
ID: 36717148
Thanks Guys
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now