We help IT Professionals succeed at work.

Turn Dell SonicWall TZ 210 wireless-n into access point

TZ 210 SonicOS Enhanced 5.8.1.15-71o
Put in a new Watchguard firewall and am just trying to use this SonicWall as an access point now but I can't get it to work.
Trying to do bridged mode and create two SSIDs; one for corp and one for guest.
Corp will have access to the LAN and guest will go just to internet.
Tried this:  https://support.software.dell.com/kb/sw10837
x0 and w0 bridge are 192.168.120.1
Created sub-interface on W0 at 10.10.10.1.
Am unable to ping 10.10.10.1 and guests can't get out to the internet...or the LAN even if I do a firewall rule for any-any allowed.
Anybody have any ideas?
TIA!
Comment
Watch Question

Commented:
Don't have a place I can test this as I don't have a wireless Sonicwall, but my guess is you really don't need to bridge anything.  Just plug a wire from your LAN into X0 and assign it a static on your lan.  Plug a cable from your Watchguard directly into another X port on the Sonicwall and assign it a static that would be on your WAN or via a DMZ on the Watchguard.

If the Sonicwall allows you to assign an SSID to an interface, then point the appropriate SSID at the appropriate interface and that should do it.  If the Watchguard isn't giving out IP addresses on the DMZ, you'd need to setup the Sonicwall to handle DHCP on the guest interface.
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
The issue isn't you, but SonicWall are not really designed to do what you're attempting. But in theory, you could try bringing the wireless interface with the WAN port. That might actually do the trick. I assume that you set up VLANs on the watchguard.

Author

Commented:
Thanks.  I think you're right and although Dell gives instructions for this, it doesn't seem to work.  The corp ssid works but the guest network on the V200 I created doesn't do anything.  Can't even ping the sub interface IP 10.10.10.1 from the Sonicwall diagnostics page.  If the box can't even find an IP on one of its own interfaces, then I don't think there's much we can do.  
I'll keep this open for a couple days and see if something magical happens.  Thanks again for your help.
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
Could you please post your configuration for the SonicWall WAN and wireless interfaces? And also mention VLANs that exist. Might give me some more ideas. But I wouldn't be shocked if the WAN interface won't let you look at multiple VLANs.

Author

Commented:
Will this work for you?
EE-Config.txt
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
That definitely helps.

So... since you want the Watchguard to do the heavy lifting, W0 needs to be bridged to X1. Then try everything else you want to do from there. Note that I am assuming the Watchguard is where the VLANs are configured.

Author

Commented:
I noticed the config was cut off.  Here's the full version.  Let me know if you still think W0 needs to be bridged to X1.  You're saying W0 shouldn't be bridged to X0?  X1 is currently configured with a public IP as it's the WAN port.  X1 connects straight to the comcast modem as of right now.
EE-Config1.txt
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
Well, I was answering based on your original question, which was to use the SonicWall as an access point and the Watchguard as your firewall.

Since all of the network information would be coming from the Watchguard, you would have to focus on the WAN port.

But it looks like you really want to fix your SonicWall issue, which is fine and doable.

Please confirm whether this is the case.

Traditional

Author

Commented:
Oh yea, you're correct about it being an AP.  We just plugged it straight into the comcast for testing.  I do want the watchguard doing all the work.
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Then yes, you would be bridging W0 to X1. I may play with a spare SonicWall on Monday to test a theory related to this, especially regarding multiple wireless networks.

Author

Commented:
Oh wait, I can't change X1's zone as it's fixed WAN and can't set it to anything but static, dhcp, ppoe, pptp, or l2tp.
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Question answered