Solved

SonicWall tz200 wireless

Posted on 2014-11-23
12
250 Views
Last Modified: 2014-11-25
Hello,
I work from home,
I have a SonicWall TZ200 Wireless, connected to the office through VPN.

I need to separate my home/Personal Devices from my VPN connection.
All of my devices are wireless.

I have an extra access point Trendnet. (that I could use to create a second wireless for personal/Home).

I have never worked with sonicwall before.

Can you please help me with this (Step by Step guide pelase).

thank you,
please see attached screen shot of ports.
Ports.pdf
0
Comment
Question by:W.E.B
  • 6
  • 5
12 Comments
 
LVL 20

Expert Comment

by:carlmd
ID: 40461819
Not sure if you mean that you want separate logins for one network or the other, or something else.

Take a look at the following on setting up guest wireless. This shows you how to set up to separate wireless areas, assigning what you want to each.

https://support.software.dell.com/sonicwall-tz-series/kb/sw4955
0
 

Author Comment

by:W.E.B
ID: 40462159
Hello carlmd,
Thank you for your help and time.

As I mentioned earlier, I'm just trying to separate my house devices from work devices.
Right now, my house devices are detected  on the work network.

I tried to follow the link for creating a guest account (which , I guess, will be my house devices).

However, my WLAN is already configured. (Please see attached).

Thank you,
img017.pdf
0
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 40462203
One way to do this: make an address group of your work devices, then make an allow firewall rule for them. Then make a block all lan to vpn below that rule.
0
MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

 

Author Comment

by:W.E.B
ID: 40463309
HI Aaron,
Can you please guide me - step by step - (I've never worked with Sonic wall before).

Will this prevent my home devices from showing on Work network (vpn).

Thank you
0
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 40463458
sure. You get firewall rules by default across zones, but you can also make address objects and address object groups to make rules with.
There are at least 3 ways to do this:
1. if all the devices are going to be in the same zone, make address objects
2. Make a new ssid for work or home and Make a different zone (either for work or home) and only allow the vpn to the work zone.
3. same as 2 but you can make your other trendnet ap a different zone by plugging it into a different port and giving it a different subnet

so for way 1, start by making an address object for your laptop
then make a group and call it something like G-VpnAllowDevices
then goto firewall, matrix, vpn->lan
make an allow from anywhere to G-VpnAllowDevices
make deny all
goto firewall, matrix, lan->vpn
make an allow from G-VpnAllowDevices to anywhere
make deny all

if you want to do 2 or 3 instead, let me know if you need assistance with those.
0
 

Author Comment

by:W.E.B
ID: 40463489
Hi Aaron,
Thank you for your time.

Number three is the one I had in mind,
Different home zone, Different Home Subnet.

I attached a screen shots of my ports and Interface.

thanks,
Interface.pdf
Ports.pdf
0
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 40463600
ok, so set the ap up as just an ap, not a router, no dns, dhcp, etc...
do you want to use this one for work or personal? I'll assume personal.

make a new zone called homeWifi
assign an unused (x2 or x3) interface to this zone instead of portshielded to x0
assign it an subnet and ip (e.g. 192.168.11.x)
plug the lan of the ap into x2
anything on that ap either wired or wireless will be part of the homewifi zone

now you have a seperate zone. depending on how you did your vpn, it might already not let the homewifi zone in, but if it does, in the firewall, vpn->homewifi add a deny all rule.
0
 

Author Comment

by:W.E.B
ID: 40463611
Sorry Aaron,
I'm a bit slow on this.

So I go to Network > zones, Add  , then what?
I put the Name, but it's asking for Security type, and check marks to Enable .. create ..

assign an unused (x2 or x3) interface
How do I do this?

A step by step guide is greatly appreciated.

Thank you
0
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 40463616
Here are most of the steps
http://mobile.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_28240877.html

I've got all my sonicwalls on 6.2 firmware so I can't give you exact steps from my gear as yours is older. You can get the manual from somicwall and the interface also has a great help for the specific choices.
0
 

Author Comment

by:W.E.B
ID: 40465285
Thank you Aaron,
I followed your instructions, along with the link.
Created a zone,
added the interface (x2)
plugged my AP to x2,
now I have a new wireless with new ip, subnet.

the only problem I have is, when I connect to the new wireless, I need to add a static ip to my devices to get connected.

is there a way to make the devices assigned an ip automatically?

thanks again.
0
 
LVL 38

Accepted Solution

by:
Aaron Tomosky earned 500 total points
ID: 40465529
network->dhcp
add a new dhcp range for that network
0
 

Author Closing Comment

by:W.E.B
ID: 40465609
Thank you very much.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
cisco switch POE watt limitation 5 78
CISCO Smartnet agreement 5 38
Home wireless security 10 48
Best alternatives to Solarwinds 14 50
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question