Network > Zones
292
SonicOS 5.8.1 Administrator Guide
–
Enable External Guest Authentication - Requires guests connecting from the device
or network you select to authenticate before gaining access. This feature, based on
Lightweight Hotspot Messaging (LHM) is used for authenticating Hotspot users and
providing them parametrically bound network access.
Note Refer to the SonicWALL Lightweight Hotspot Messaging Tech Note available at the
SonicWALL documentation Web site http://www.sonicwall.com/us/Support.html for
complete configuration of the Enable External Guest Authentication feature.
–
Custom Authentication Page - Redirects users to a custom authentication page when
they first connect to the network. Click Configure to set up the custom authentication
page. Enter either a URL to an authentication page or a custom challenge statement in
the text field, and click OK.
–
Post Authentication Page - Directs users to the page you specify immediately after
successful authentication. Enter a URL for the post-authentication page in the field.
–
Bypass Guest Authentication - Allows the Guest Services feature to integrate into
environments already using some form of user-level authentication. This feature
automates the authentication process, allowing wireless users to reach Guest Services
resources without requiring authentication. This feature should only be used when
unrestricted Guest Service access is desired, or when another device upstream is
enforcing authentication.
–
Redirect SMTP traffic to - Redirects SMTP traffic incoming on this zone to an SMTP
server you specify. Select the address object to redirect traffic to.
–
Deny Networks - Blocks traffic to the networks you name. Select the subnet, address
group, or IP address to block traffic to.
–
Pass Networks - Allows traffic through the Guest Service-enabled zone to the
networks you select.
–
Max Guests - Specifies the maximum number of guest users allowed to connect to this
zone. The default setting is 10.
Special Guest Services Features for Wireless Zones
–
Enable Dynamic Address Translation (DAT) - Guest Services provides spur of the
moment “hotspot” access to wireless-capable guests and visitors. For easy
connectivity, Guest Services allows wireless users to authenticate and associate,
obtain IP settings, and authenticate using any Web-browser. Without DAT, if a guest
user is not a DHCP client, but instead has static IP settings incompatible with the
Wireless WLAN network settings, network connectivity is prevented until the user’s
settings change to compatible values. Dynamic Address Translation (DAT) is a form of
Network Address Translation (NAT) that allows the system to support any IP
addressing scheme for guest users. For example, the Wireless WLAN interface is
configured with its default address of 172.16.31.1, and one guest client has a static IP
address of 192.168.0.10 and a default gateway of 192.168.0.1, while another has a
static IP address of 10.1.1.10 and a gateway of 10.1.1.1, and DAT enables network
communication for both of these clients.
Step 5 Click OK to apply these settings to this zone.