I purchased a Sonicpoint NE to hook up to my Sonicwall NSA240. What I like about these is the central configuration. What I don’t like about them is that that you cannot just attach this to your Sonicwall and expect to access your LAN after connecting it to an interface. As I understand it, the way Sonicpoints are are meant to work is to be setup so you can get Internet Access, but for the local LAN access you would need to use a VPN connection. This is not always ideal for all setups, but is probably the most secure. Here’s a quick writeup on how to get your Sonicpoint WLAN network to communicate with your LAN without having to VPN in. You should always make sure that this will conform to your company’s security policy’s for wireless access because they may need to comply with the Payment Card Industry standards for security or some other policy. For this writeup, my LAN is on the X0 interface which is 192.168.1.1, and I am placing my Sonicpoint on the X8 interface.
NOTE: This might knock your existing users off of the wireless, so please make sure that no one is using the device before you perform these steps.
- Plug your Sonicpoint into your desired port. I plugged mine into X8. Then make sure that the Sonicwall recognizes it by going to the Sonicpoint section on the Sonicwall menu, then looking under the SonicpointN’s section, (or Sonicpoints section if you don’t have a Sonicwall N device) to make sure that it recognizes it. If it doesn’t you may need to upgrade the firmware in the Sonicwall. Sometimes when a Sonicwall gets shipped to you it’s using a really old Firmware and it needs to be upgraded to recognize newer devices.
- Configure the Provisioning profile so you can apply this to all of your Sonicpoints that you will place in this zone. There are 2 of these, one for Wireless N and one for A/G.
- On the “Settings Tab”, name it, and click the box to “Enable Sonicpoint”
- On the “802.11n Radio Tab” (if you’re using an N device), set all your security including SSID and password, for this I’m using WPA2 Personal – PSK with AES. (You can also use EAP if you would like to configure this with a RADIUS server or Windows IAS.)
Setup to Allow Access From WLAN Zone to LAN
- Login to your Sonicwall, then in the address bar change the address from https://192.168.1.1/main.html to https://192.168.1.1/diag.html
- Click “Internal Settings” on the left hand side of the page.
- About 3/4 down the page you will see the “Wireless Settings” section. Under that check the setting that says ”Enable Local Wireless Zone Traffic To Bypass Gateway Firewalling” then click “Accept” and go back to main.html by clicking close.
- Under Network go to “Zones”
- Under the General tab make sure that “Allow Interface Trust” is checked
- Under the Wireless Tab. Uncheck “Only allow traffic generated by a Sonicpoint/SonicpointN” and Check “Enforce local wireless zone traffice to bypass gateway firewalling” then click OK.
- Now go to your interface where you plugged the Sonicpoint into, in my case I will go to configure X8.
- Change the Zone to “WLAN”
- Change the IP Assignment to “Layer 2 Bridged Mode”
- Change “Bridged To” to “X0” or whatever your LAN is.
That should be it. This should allow you to connect to your Sonicpoint, and access your local LAN resources.
Here’s some other info.
This person allows access to LAN and has pictures:
When you cannot connect a Sonicwall directly to the port workaround:
Corporate VPN Setup for Guests and Employees