Support User Manuals

SonicWALL 5.8.1 Microscope & Magnifier User Manual

Open as PDF

of 1490

SonicPoint > Virtual Access Point

563

SonicOS 5.8.1 Administrator Guide

A Sample Network

The following is a sample VAP network configuration, describing four separate VAPs:

• VAP #1, Corporate Wireless Users – A set of users who are commonly in the office, and

to whom should be given full access to all network resources, providing that the connection

is authenticated and secure. These users already belong to the network’s Directory

Service, Microsoft Active Directory, which provides an EAP interface through IAS – Internet

Authentication Services.

• VAP#2, Legacy Wireless Devices – A collection of older wireless devices, such as

printers, PDAs and handheld devices, that are only capable of WEP encryption.

• VAP#3, Visiting Partners – Business partners, clients, and affiliated who frequently visit

the office, and who need access to a limited set of trusted network resources, as well as

the Internet. These users are not located in the company’s Directory Services.

• VAP# 4, Guest Users – Visiting clients to whom you wish to provide access only to

untrusted (e.g. Internet) network resources. Some guest users will be provided a simple,

temporary username and password for access.

• VAP#5, Frequent Guest Users – Same as Guest Users, however, these users will have

more permanent guest accounts through a back-end database.

Determining Security Configurations

Understanding these requirements, you can then define the zones (and interfaces) and VAPs

that will provide wireless services to these users:

• Corp Wireless – Highly trusted wireless zone. Employs WPA2-AUTO-EAP security.

WiFiSec (WPA) Enforced.

• WEP & PSK – Moderate trust wireless zone. Comprises two virtual APs and subinterfaces,

one for legacy WEP devices (e.g. wireless printers, older handheld devices) and one for

visiting clients who will use WPA-PSK security.

• Guest Services – Using the internal Guest Services user database.

• LHM – Lightweight Hotspot Messaging enabled zone, configured to use external LHM

authentication-back-end server.

VAP Configuration Worksheet

The worksheet below provides some common VAP setup questions and solutions along with a

space for you to record your own configurations.

Questions Examples Solutions

How many different types of

users will I need to support?

Corporate wireless, guest access, visiting

partners, wireless devices are all common

user types, each requiring their own VAP

Plan out the number of different

VAPs needed. Configure a zone

and VLAN for each VAP needed

Your Configurations:

previous next