User Tools

Site Tools

Trace:
wiki:sonicwall:vap

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

wiki:sonicwall:vap [2018/02/16 17:15] – created mattwiki:sonicwall:vap [2018/02/20 15:16] (current) matt
Line 88: Line 88:
 ==== Virtual Access Point Group ==== ==== Virtual Access Point Group ====
 //You will create a group of your VAPs that can be easily applied to multiple SonicPoints.// //You will create a group of your VAPs that can be easily applied to multiple SonicPoints.//
 +
 Navigate to: Navigate to:
-SonicPoints > Virtual Access Points+ 
 +''SonicPoints > Virtual Access Points'' 
 Find: Find:
-Virtual Access Point Groups > Add Group + 
-VAP Group Window +''Virtual Access Point Groups > Add Group'' 
-Name: Name the group + 
-Object Panes: Select and add the Available VAP Objects (VAPs and other groups will appear here) that you want to be applied to any single SonicPoint in the group panes.+=== VAP Group Window === 
 + 
 +  * **Name:** Name the group 
 +  * **Object Panes:** Select and add the Available VAP Objects (VAPs and other groups will appear here) that you want to be applied to any single SonicPoint in the group panes. 
 OK OK
  
-SoncicPoint Provisioning Profile+==== SoncicPoint Provisioning Profile ==== 
 Navigate to: Navigate to:
-SonicPoint > SonicPoints+ 
 +''SonicPoint > SonicPoints'' 
 Find: Find:
-SonicPoint Provisioning Profiles 
-Create or edit your provisoning profiles to use the VAP Group desired and sync your SonicPoints. 
  
-Firewall Rules +''SonicPoint Provisioning Profiles'' 
-You will need to define all rules for your new VLAN/VAPs. They will appear as a zone now in the Firewall section. Matrix view will make defining the needed rules easier.+ 
 +Create or edit your provisioning profiles to use the VAP Group desired and sync your SonicPoints. 
 + 
 +==== Firewall Rules ==== 
 +//You will need to define all rules for your new VLAN/VAPs. They will appear as a zone now in the Firewall section. Matrix view will make defining the needed rules easier.//
  
 For our corperate VLAN/VAP you need to allow all traffic in both directions for LAN and VPN. And make sure it has access to WAN. For our corperate VLAN/VAP you need to allow all traffic in both directions for LAN and VPN. And make sure it has access to WAN.
Line 111: Line 123:
 For Guest networks you might not have to change anything other than mess with WAN rules. For Guest networks you might not have to change anything other than mess with WAN rules.
  
-Remote Site Address Group for VPN +==== Remote Site Address Group for VPN ==== 
-You will need to make an Address Group Object that includes your VLAN and LAN objects. +//Since there are now two ranges or IPs that the VPN will need to worry about, you need to crate a group that contains both range values.// 
-Create Address Group+ 
 +//You will need to make an Address Group Object that includes your VLAN and LAN objects.// 
 + 
 +=== Create Address Group ===
 Navigate to: Navigate to:
-Firewall > Address Objects+ 
 +''Firewall > Address Objects'' 
 Find: Find:
-Address Groups > Add + 
-Add the subnets for LAN and VLAN. +''Address Groups > Add'' 
-VPN Settings+ 
 +  * Add the subnets for LAN and VLAN. 
 +   
 +=== VPN Settings ===
 Apply that object to the 'Choose Local Network' dropdown in the Network tab on the VPN profile settings. Apply that object to the 'Choose Local Network' dropdown in the Network tab on the VPN profile settings.
  
-Home Office Address Objects for VPN +==== Home Office Address Objects for VPN ==== 
-At the home office you will need to create address objects and group that define the IP ranges of the LAN and VLAN at the remote site. +//At the home office you will need to create address objects and group that define the IP ranges of the LAN and VLAN at the remote site.// 
-Create Address Objects+ 
 +=== Create Address Objects ===
 Navigate to: Navigate to:
-Firewall > Address Objects+ 
 +''Firewall > Address Objects''
 Find: Find:
-Address Objects > Add 
-Create an IP Range Object for the remote site's LAN 
-Create an IP Range OBject for the remote site's VLAN 
  
-Create Address Group+''Address Objects > Add'' 
 +  * Create an IP Range Object for the remote site's LAN 
 +  * Create an IP Range OBject for the remote site's VLAN 
 + 
 +=== Create Address Group ===
 Navigate to: Navigate to:
-Firewall > Address Objects+ 
 +''Firewall > Address Objects'' 
 Find: Find:
-Address Groups > Add 
-Crate an Address Group that contains the Address Objects you created for the remote site. 
  
-VPN Settings +''Address Groups > Add'' 
-Apply the remote site's Address Group to the 'Choose Destination Network' dropdown in Remote Networks section on the site's VPN settings.+ 
 +  * Crate an Address Group that contains the Address Objects you created for the remote site. 
 + 
 +=== VPN Settings === 
 +  Apply the remote site's Address Group to the 'Choose Destination Network' dropdown in Remote Networks section on the site's VPN settings.
  
-If everything was done right, you should be able to connect to the Corperate VAP and be able to pass traffic through the VPN. Loading the Wiki is a good test.+//If everything was done right, you should be able to connect to the Corperate VAP and be able to pass traffic through the VPN. Loading the Wiki is a good test.//
  
-Sources+===== Sources =====
 Covers the VLAN portion and some of the VAP creation Covers the VLAN portion and some of the VAP creation
 https://www.sonicwall.com/en-us/support/knowledge-base/170503869309058 https://www.sonicwall.com/en-us/support/knowledge-base/170503869309058
wiki/sonicwall/vap.1518819336.txt.gz · Last modified: 2018/02/16 17:15 by matt