Solved

New Network

Posted on 2011-09-07
7
1,224 Views
Last Modified: 2012-05-12
I'm setting up a network for a small business .  I have never had to do this from scratch.  I will have a sonicwall tz-200 and then I will split off two two different wireless routers

Sonicwall TZ-200 firewall Cisco WAP4410 (internal wireless access point) Cisco WRVS4400n (Guest wireless router)

I haven't gotten the equipment in yet.  Is there any advice anyone can give me on setting this up?  
0
Comment
Question by:reschete
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 11

Expert Comment

by:epichero22
ID: 36496475
I never used that SonicWall but obviously ensure that the Guest WiFi can't reach your internal users and vice-versa, and program your Guest WiFi for AP isolation so your Guest nodes cant reach one another.

How many people are connecting to your internal WiFi?
0
 
LVL 1

Author Comment

by:reschete
ID: 36496517
i'm sure between 4-6.  I think one of my questions is how do i get the internet to each router I understand the concept of networking but I'm just confused how making two different networks and getting the internet over to each
0
 
LVL 11

Expert Comment

by:epichero22
ID: 36496576
The SonicWall has a four-port switch in the back of it.  Plug each Cisco device into one of the switch ports, and the Cisco devices will distribute their own IP addresses via DHCP.  You can then program each Cisco with a separate SSID, password, and channel (make sure the channels are at least two away from each other as they will otherwise interfere).  Each router will be given Internet via the SonicWall given that their default Gateway is an address distributed by the SonicWall's DHCP.
0
Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

 
LVL 11

Accepted Solution

by:
epichero22 earned 400 total points
ID: 36496653
If that's confusing, let me describe it in a step-by-step example of what I think you should expect:

1. Power on the SonicWall.
2. Connect each Cisco Router to it via cabling.
3. Log into each Cisco Router and specify your DHCP pool, Wireless Information, and give each router a static IP address if you can; each DHCP pool should be on a unique subnet.
4. For the Guest WiFi, enable "AP Isolation"
5. Log into the SonicWall, and see what setting you can set to disable communication between the devices.

That should be it.  I set up a network similar to your own for a dental office; he wanted his patients to use the Internet while they waited for their appointment.
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 100 total points
ID: 36496751
To isolate the guest wireless network from the rest of your network, you'll need to put them on their own zone (GuestWLAN or whatever you call it) within the sonicwall. In order to keep it simple, put the guest AP on it's own physical port and assign the guest zone to the port. The sonicwall will manage access based on zone. You'll want to assign the zone you create as a wireless zone which, by default, will not be trusted. When you view the firewall settings, you'll see that LAN <> GuestWLAN will be set to deny. However, GuestWLAN > WAN will be allowed so the guest wireless users will have internet access and that's it.

I don't know what's handing out IPs on your LAN. Whatever it is, I'd configure both access points to work in bridge mode. Have the sonicwall hand out IPs for your guest users and (if you have a Windows DHCP server) have your Windows DHCP server hand out IPs for trusted wireless users.

Speaking of trusted wireless users, I'd put your "corporate" AP on the network switch and not have it connect to the sonicwall. Keep the complexities down.


Hope that helps.
0
 
LVL 32

Expert Comment

by:aleghart
ID: 36497469
If you get the TZ-200w you can broadcast multiple SSIDs from the single appliance.  If you need more range, it can support up to 2 SonicPoint WAPs, managed from the TZ-200.  We are in the process of doing that now.

No reason to have separate WAPs for two networks.  WAPs have been able to handle multiple SSIDs and even VLANs for years.
0
 
LVL 1

Author Closing Comment

by:reschete
ID: 36717148
Thanks Guys
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question