?
Solved

New Network

Posted on 2011-09-07
7
Medium Priority
?
1,226 Views
Last Modified: 2012-05-12
I'm setting up a network for a small business .  I have never had to do this from scratch.  I will have a sonicwall tz-200 and then I will split off two two different wireless routers

Sonicwall TZ-200 firewall Cisco WAP4410 (internal wireless access point) Cisco WRVS4400n (Guest wireless router)

I haven't gotten the equipment in yet.  Is there any advice anyone can give me on setting this up?  
0
Comment
Question by:reschete
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 11

Expert Comment

by:epichero22
ID: 36496475
I never used that SonicWall but obviously ensure that the Guest WiFi can't reach your internal users and vice-versa, and program your Guest WiFi for AP isolation so your Guest nodes cant reach one another.

How many people are connecting to your internal WiFi?
0
 
LVL 1

Author Comment

by:reschete
ID: 36496517
i'm sure between 4-6.  I think one of my questions is how do i get the internet to each router I understand the concept of networking but I'm just confused how making two different networks and getting the internet over to each
0
 
LVL 11

Expert Comment

by:epichero22
ID: 36496576
The SonicWall has a four-port switch in the back of it.  Plug each Cisco device into one of the switch ports, and the Cisco devices will distribute their own IP addresses via DHCP.  You can then program each Cisco with a separate SSID, password, and channel (make sure the channels are at least two away from each other as they will otherwise interfere).  Each router will be given Internet via the SonicWall given that their default Gateway is an address distributed by the SonicWall's DHCP.
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 11

Accepted Solution

by:
epichero22 earned 1600 total points
ID: 36496653
If that's confusing, let me describe it in a step-by-step example of what I think you should expect:

1. Power on the SonicWall.
2. Connect each Cisco Router to it via cabling.
3. Log into each Cisco Router and specify your DHCP pool, Wireless Information, and give each router a static IP address if you can; each DHCP pool should be on a unique subnet.
4. For the Guest WiFi, enable "AP Isolation"
5. Log into the SonicWall, and see what setting you can set to disable communication between the devices.

That should be it.  I set up a network similar to your own for a dental office; he wanted his patients to use the Internet while they waited for their appointment.
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 400 total points
ID: 36496751
To isolate the guest wireless network from the rest of your network, you'll need to put them on their own zone (GuestWLAN or whatever you call it) within the sonicwall. In order to keep it simple, put the guest AP on it's own physical port and assign the guest zone to the port. The sonicwall will manage access based on zone. You'll want to assign the zone you create as a wireless zone which, by default, will not be trusted. When you view the firewall settings, you'll see that LAN <> GuestWLAN will be set to deny. However, GuestWLAN > WAN will be allowed so the guest wireless users will have internet access and that's it.

I don't know what's handing out IPs on your LAN. Whatever it is, I'd configure both access points to work in bridge mode. Have the sonicwall hand out IPs for your guest users and (if you have a Windows DHCP server) have your Windows DHCP server hand out IPs for trusted wireless users.

Speaking of trusted wireless users, I'd put your "corporate" AP on the network switch and not have it connect to the sonicwall. Keep the complexities down.


Hope that helps.
0
 
LVL 32

Expert Comment

by:aleghart
ID: 36497469
If you get the TZ-200w you can broadcast multiple SSIDs from the single appliance.  If you need more range, it can support up to 2 SonicPoint WAPs, managed from the TZ-200.  We are in the process of doing that now.

No reason to have separate WAPs for two networks.  WAPs have been able to handle multiple SSIDs and even VLANs for years.
0
 
LVL 1

Author Closing Comment

by:reschete
ID: 36717148
Thanks Guys
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question