wiki:sonicwall:vap
Differences
This shows you the differences between two versions of the page.
wiki:sonicwall:vap [2018/02/16 17:15] – created matt | wiki:sonicwall:vap [2018/02/20 15:16] (current) – matt | ||
---|---|---|---|
Line 88: | Line 88: | ||
==== Virtual Access Point Group ==== | ==== Virtual Access Point Group ==== | ||
//You will create a group of your VAPs that can be easily applied to multiple SonicPoints.// | //You will create a group of your VAPs that can be easily applied to multiple SonicPoints.// | ||
+ | |||
Navigate to: | Navigate to: | ||
- | SonicPoints > Virtual Access Points | + | |
+ | '' | ||
Find: | Find: | ||
- | Virtual Access Point Groups > Add Group | + | |
- | VAP Group Window | + | '' |
- | Name: Name the group | + | |
- | Object Panes: Select and add the Available VAP Objects (VAPs and other groups will appear here) that you want to be applied to any single SonicPoint in the group panes. | + | === VAP Group Window |
+ | |||
+ | * **Name:** Name the group | ||
+ | * **Object Panes:** Select and add the Available VAP Objects (VAPs and other groups will appear here) that you want to be applied to any single SonicPoint in the group panes. | ||
OK | OK | ||
- | SoncicPoint Provisioning Profile | + | ==== SoncicPoint Provisioning Profile |
Navigate to: | Navigate to: | ||
- | SonicPoint > SonicPoints | + | |
+ | '' | ||
Find: | Find: | ||
- | SonicPoint Provisioning Profiles | ||
- | Create or edit your provisoning profiles to use the VAP Group desired and sync your SonicPoints. | ||
- | Firewall Rules | + | '' |
- | You will need to define all rules for your new VLAN/VAPs. They will appear as a zone now in the Firewall section. Matrix view will make defining the needed rules easier. | + | |
+ | Create or edit your provisioning profiles to use the VAP Group desired and sync your SonicPoints. | ||
+ | |||
+ | ==== Firewall Rules ==== | ||
+ | //You will need to define all rules for your new VLAN/VAPs. They will appear as a zone now in the Firewall section. Matrix view will make defining the needed rules easier.// | ||
For our corperate VLAN/VAP you need to allow all traffic in both directions for LAN and VPN. And make sure it has access to WAN. | For our corperate VLAN/VAP you need to allow all traffic in both directions for LAN and VPN. And make sure it has access to WAN. | ||
Line 111: | Line 123: | ||
For Guest networks you might not have to change anything other than mess with WAN rules. | For Guest networks you might not have to change anything other than mess with WAN rules. | ||
- | Remote Site Address Group for VPN | + | ==== Remote Site Address Group for VPN ==== |
- | You will need to make an Address Group Object that includes your VLAN and LAN objects. | + | //Since there are now two ranges or IPs that the VPN will need to worry about, you need to crate a group that contains both range values.// |
- | Create Address Group | + | |
+ | //You will need to make an Address Group Object that includes your VLAN and LAN objects.// | ||
+ | |||
+ | === Create Address Group === | ||
Navigate to: | Navigate to: | ||
- | Firewall > Address Objects | + | |
+ | '' | ||
Find: | Find: | ||
- | Address Groups > Add | + | |
- | Add the subnets for LAN and VLAN. | + | '' |
- | VPN Settings | + | |
+ | * Add the subnets for LAN and VLAN. | ||
+ | |||
+ | === VPN Settings | ||
Apply that object to the ' | Apply that object to the ' | ||
- | Home Office Address Objects for VPN | + | ==== Home Office Address Objects for VPN ==== |
- | At the home office you will need to create address objects and group that define the IP ranges of the LAN and VLAN at the remote site. | + | //At the home office you will need to create address objects and group that define the IP ranges of the LAN and VLAN at the remote site.// |
- | Create Address Objects | + | |
+ | === Create Address Objects | ||
Navigate to: | Navigate to: | ||
- | Firewall > Address Objects | + | |
+ | '' | ||
Find: | Find: | ||
- | Address Objects > Add | ||
- | Create an IP Range Object for the remote site's LAN | ||
- | Create an IP Range OBject for the remote site's VLAN | ||
- | Create Address Group | + | '' |
+ | * Create an IP Range Object for the remote site's LAN | ||
+ | * Create an IP Range OBject for the remote site's VLAN | ||
+ | |||
+ | === Create Address Group === | ||
Navigate to: | Navigate to: | ||
- | Firewall > Address Objects | + | |
+ | '' | ||
Find: | Find: | ||
- | Address Groups > Add | ||
- | Crate an Address Group that contains the Address Objects you created for the remote site. | ||
- | VPN Settings | + | '' |
- | Apply the remote site's Address Group to the ' | + | |
+ | * Crate an Address Group that contains the Address Objects you created for the remote site. | ||
+ | |||
+ | === VPN Settings | ||
+ | | ||
- | If everything was done right, you should be able to connect to the Corperate VAP and be able to pass traffic through the VPN. Loading the Wiki is a good test. | + | //If everything was done right, you should be able to connect to the Corperate VAP and be able to pass traffic through the VPN. Loading the Wiki is a good test.// |
- | Sources | + | ===== Sources |
Covers the VLAN portion and some of the VAP creation | Covers the VLAN portion and some of the VAP creation | ||
https:// | https:// |
wiki/sonicwall/vap.1518819336.txt.gz · Last modified: 2018/02/16 17:15 by matt