Deploying additional Sonicpoints

Posted on 2016-08-11
Last Modified: 2016-12-26
Currently I have a Sonicpoint already configured to Sonicwall TZ500 and would like to add two additional Sonicpoint.

There are 3 virtual access points configured already as well as CFS policies in place for the VAPs.

The additional Sonicpoints will be installed on the second floor where the first one is already on the first floor.

I would like the second Sonicpoint to retain all the SSIDs, VAPs and CFS policies as the first.  Basically I just want to extend the VAPs on the first floor to the second.  How would I go about doing this?

Does the second Sonicpoint must be connected directly to an available port on the TZ500 or can it go through a switch (Cisco 2960)?

Also, how would I ensure that users will connect to nearest Sonicpoint (strongest signal)

Please provide step-by-step detailed instructions.

Thanks in advance!

Question by:Wayne88
  • 2
LVL 25

Accepted Solution

Diverse IT earned 500 total points
ID: 41753171
Hi Wayne,

Your device can support a max of 16 SonicPoints and has 8 GbE interfaces.

From the networking side you have three options:
1. You can plug a PoE injector directly into the SonicWALL on whatever port is open, e.g. X5-X7. One PoE injector would be required for each SonicPoint.
2. You can you a dumb switch (5-port NETGEAR or the like), plug the switch into X7 or another open port on the SonicWALL and then plug in all the PoE injectors and SonicPoints into the switch.
3. You can use a L3 switch and use the same configuration as #2 above but you'd need to specify the VLANs in the switch and routing so the traffic wouldn't go back into the X1 (LAN).

Then the other important points are any SonicPoint port in the SonicWALL must be classified Type as Wireless. I'd go to SonicPoint > SonicPoint in the firewall and configure the appropriate Profile, e.g. (SonicPointACe/ACi/N2, SonicPointN - depending on the SonicPoint model you have) under the SonicPointN Provisioning Profiles section. I'd recommend purchasing the same model for all your SonicPoints. In the Profile configuration is where you will specify what settings all of the SonicPoints should have. You can click on the Sync SonicPoints once you have configured the Profile and it will search for new ones and put them in below under the SonicPoints section. From that section you can manually configure them but I wouldn't recommend that. I prefer the Profile, especially when your goal is to have the VAPs & SSIDs extend through all the SonicPoints. It is easier to manage and enforces better consistency. At this point, I'm assuming you manually configured the first to get it to have the same config as the two new ones simple click delete (after-hours) and click on the Sync SonicPoints to re-join it and have the Profile apply.

Also, how would I ensure that users will connect to nearest Sonicpoint (strongest signal)
This occurs by the setup above via ESSID. When a user roams through the building and a signal gets weaker and then laptop sees a strong signal it will go through a seamless process of disconnecting and reconnecting to a stronger WAP. Essentially, your users will be able to connect on the first floor and if the WAPs are spread out correctly (no dead zones) they will seamless stay connected on each floor as they traverse around.

NOTE: that any configuration change to WAPs Profiles, VAPs, SSIDs, etc will result in a quick reboot of the SonicPoints. This is what needs to occur in any wireless network but SonicWALL has built in this automated feature as it is Best Practice. Keep that in mind when you make changes though.

FYI: Your VA-Corporate is wide open!

Just curious what do you use your Wireless Legacy for?

Let me know if you have any other questions!
LVL 14

Author Comment

ID: 41753423
Hi diverseit,

Thanks for your very detailed answer.  The VAP-Corporate was open for testing purpose but I will close it (Thanks for noticing).  The VAP-Legacy is for employees who wants to connect their phones/tablets to our WiFi but it's separated from the corporate network.

You did made a good point of using the same Sonicpoint model throughout the site.  I cancelled the order for the one they have in stock (it was for a different model than the one we have) then ordered the same model as the first Sonicpoint we purchased.  Unfortunately, this item is out of stock and it will take a little bit longer to arrive before I can apply your suggestions.

Everything you posted above makes sense and is very straightforward.  I believe you covered them all.

When you said " When a user roams through the building and a signal gets weaker and then laptop sees a strong signal it will go through a seamless process of disconnecting and reconnecting to a stronger WAP." then will Sonicwall be smart enough to manage that connection and drop the weaker link when it sees the same device near another one of it's APs or do I need to survey the site and manually minimize the signal strength overlap?

Thank you very much for your help and much appreciated!

LVL 14

Author Closing Comment

ID: 41756948
Hi diverseit,

Thanks for your help. It turned out that once I registered the Sonicpoint and connected it to the LAN, Sonicwall automatically detected the device then applied the existing Sonicpoint profile to the new AP.  All done automatically and seamless.  Thank you for your help!


Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Internet Business Fax to Email Made Easy - With  eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question