SonicWALL SonicPoint Administrator's Manual

COMPREHENSIVE INTERNET SECURITY
SonicWALL
Secure Wireless Solution
SonicPoint and SonicPoint G
Administrator's Guide

Summary of Contents for SonicWALL SonicPoint

  • Page 1 COMPREHENSIVE INTERNET SECURITY SonicWALL Secure Wireless Solution SonicPoint and SonicPoint G Administrator's Guide...
  • Page 2: Table Of Contents

    Managing the SonicPoint in Stand-Alone Mode ....... . . 35...
  • Page 3 Managing the SonicPoint in SafeMode........
  • Page 4 This Limited Warranty is not transferable and applies only to the original end user of the product. SonicWALL and its suppliers' entire liability and Customer's sole and exclusive remedy under this limited warranty will be shipment of a replacement product. At SonicWALL's discretion the replacement product may be of equal or greater functionality and may be of either new or like-new quality.
  • Page 5 USE HARDWARE OR SOFTWARE EVEN IF SONICWALL OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. In no event shall SonicWALL or its suppliers' liability to Customer, whether in contract, tort (including negligence), or otherwise, exceed the price paid by Customer.
  • Page 6 Current Documentation Check the SonicWALL documentation Web site for the latest versions of this manual and all other SonicWALL product documentation. http://www.sonicwall.com/support/documentation.html ...
  • Page 8: Using The Sonicwall Sonicpoint

    This guide introduces you to the concepts involved in designing your wireless network to use SonicPoints. It also provides a guide to managing the SonicPoint, either through a SonicWALL security appliance in Managed Mode or on its own in Stand-Alone Mode.
  • Page 9: Supported Platforms

    SonicPoint (IEEE 802.11a/b/g). • SonicPoint G (IEEE 802.11g/b). Overview of the SonicWALL SonicPoint Hardware The SonicPoint contains both 2.4 and 5.0 GHz Radio WLANs. The following figure details the front view of the SonicPoint. 2.4 GHz Radio Power 5.0 GHz Radio...
  • Page 10 Supported Platforms The following figure details the rear view of the SonicPoint 802.11 a/b/g. Console Port LAN Port Power Power over Ethernet...
  • Page 11 The SonicPoint G contains only the 2.4 GHz Radio WLAN. The following figure details the front view of the SonicPoint G. Power Link, 10/100, Radio Activity...
  • Page 12 SonicPoint is powered up, the Power LED turns steady. • WLAN 2.4 GHz Radio - The 2.4 GHz Radio LED blinks at a constant rate when the SonicPoint is ready to receive traffic, and blinks at a variable rate while transferring data with connected 802.11g/b stations.
  • Page 13: Sonicpoint Registration

    • Console - To display bootup and diagnostic messages through the command-line interface (CLI), connect one end of an RS-232 serial cable to the SonicPoint console port and the other end to your workstation. Note: SonicWALL does not support a non-SonicWALL antenna on both the SonicPoint G and SonicPoint a/b/g devices.
  • Page 14: Sonicpoint Overview

    SonicWALL TZ 170 Wireless, SonicOS Enhanced 2.5 or greater and the SonicPoint work together to act as the center of a distributed wireless network. To extend the reach and intelligence of the core, up to 128 SonicPoint Access Points can be connected to a SonicWALL appliance (the total number of supported SonicPoints is platform dependent) running SonicOS Enhanced 2.5 or greater.
  • Page 15: Sonicpoint Features

    SonicPoint Features Note that in this manual SonicPoint refers to both SonicPoint 802.11a/b/g and SonicPoint G. While the following table explicitly refers to each platform, the remainder of this manual refers to instances where both are appropriate, simply using the SonicPoint name. The SonicPoint offers the following...
  • Page 16: Sonicpoint Modes Of Operation

    SonicOS GUI. If the SonicPoint cannot discover or be discovered by a security appliance within 5 seconds of startup, it will reboot into Stand-Alone Mode. When operating in Stand-Alone Mode, the SonicPoint will assume a default IP address of 192.168.1.20, a default username of admin, and a default password...
  • Page 17 Wireless Guest Services Disabled. • Enforces that all traffic that enters the zone arrive from a SonicPoint. All other traffic will be dropped (i.e. traffic from wired network systems, or wireless traffic originating from a non-SonicPoint device). You cannot use a third-party wireless Access Point device in a Wireless Zone.
  • Page 18: Number Of Subnets Supported

    SonicPoint Enforcement: As traffic passes from wireless clients through a SonicPoint, the SonicPoint will tag the traffic so that it will be identifiable by a Wireless Zone interface. If the Wireless Zone interface receives traffic that has not been appropriately tagged, it will discard the traffic.
  • Page 19: Sonicpoint Enforcement

    Enhanced enabled SonicWALL PRO Series security appliance or SonicWALL TZ Series security appliance that first discovered it, making it its peer (to protect against the event of a SonicPoint being on an L2 segment with more than one PRO). Once peered, SDP will negotiate encryption parameters and will determine the configuration state of the SonicPoint.
  • Page 20 2 Go to the Zones page under the Network > Zones location. 3 In the WLAN Zone, click on the Configure icon. SonicOS displays the Configure dialog box. 4 Click on the Wireless tab. By default, the Only allow traffic generated by a SonicPoint checkbox is enabled.
  • Page 21: Wireless Firewalling

    SonicPoint, or whether wireless or wired; all traffic must traverse the firewall. This can be used, for example, for the following application: •...
  • Page 22 SonicPoint Overview Access Rules for Wireless clients are controlled using Zone based intersections and applicable Address Objects. Consider the following examples from the illustration above (Address Objects used are generalized by subnet, and can be made more specific): Address Object...
  • Page 23: Wifisec Enforcement / Wpa

    WiFiSec Enforcement / WPA As introduced on the SonicWALL TZ 170 Wireless, WiFiSec Enforcement is the ability to require that all traffic that traverses the wireless network be IPSec (VPN) traffic. We will be able to enforce the same level of security with the Secure Wireless Solutions/Architecture by providing WiFiSec Enforcement at the Zone level;...
  • Page 24: Wireless Roaming

    As wireless clients move through a distributed wireless network, it is necessary to support roaming from one SonicPoint to another in as non-interruptive a manner as possible. The SonicWALL Secure Wireless Solutions/Architecture was designed such that client connections, even across multiple SonicPoint Access Points, traverse a single point--whether it is the physical interface on the SonicOS device, or a Virtualized Adapter using the Global VPN Client (GVC).
  • Page 25: Roaming Within Layer 3 Boundaries

    Roaming Within Layer 3 Boundaries In configurations where a single SonicPoint or multiple SonicPoints are connected to a single interface on a SonicWALL security appliance, roaming (under most circumstances) will be seamless to the user since the client connection is terminated at the security appliance’s interface rather than at the individual SonicPoint.
  • Page 26: Roaming Across Multiple Sonicwall Interfaces

    If it becomes necessary or desirable to span a contiguous network of SonicPoints across multiple interfaces on a SonicWALL security appliance, the effects of roaming across L3 boundaries can be mitigated by using the GVC with the Virtual Adapter option: The illustration above depicts a wireless client (ClientA) associated with SonicPoint1.
  • Page 27: Guest Services

    “WLAN Zone”, or to provide one set of Guest Services options on one Wireless Zone, and a completely different set of options on another. In addition to providing the ability to accept wired traffic, disabling SonicPoint enforcement has the additional benefit of being able to provide Wireless Guest Services to wired hosts. All features of Wireless Guest Services will function for wired guests exactly as they do for wireless guests, including authentication page redirection and Lightweight Hotspot Messaging (LHM) and DAT.
  • Page 28: Smtp Redirection

    (anti-spam) gateway or appliance. Enabling External Guest Services In addition to providing the ability to accept non-SonicWALL wireless traffic, disabling SonicPoint enforcement has the additional benefit of being able to provide Wireless Guest Services (WGS) to wired hosts.
  • Page 29: Mac Filtering Using Mac Address Objects

    SonicPoints across a Secure Wireless Solution/Architecture. SonicPoint Profile definitions will include all of the settings that can be configured on a SonicPoint, such as radio settings for the 2.4GHz and 5GHz radios, including SSID’s, encryption settings, MAC filters, channels of operation, etc.
  • Page 30: Hardware Failover And Lan Port Disconnect Transitions

    MAC address and the interface and Zone on which it was discovered. It can also automatically assign the SonicPoint an IP address, if so configured, so that the SonicPoint can communicate with an authentication server for WPA-EAP support. SonicOS will then use the profile associated with the relevant Zone to configure the 2.4GHz and 5GHz radio settings.
  • Page 31: Managed Mode And Stand-Alone Mode Transitions

    SonicWALL Discovery Protocol (SDP). Immediately after a boot, if a security appliance is not detected, the SonicPoint will reboot after a short time interval (~5 seconds) into Stand-Alone Mode. If a security appliance is initially detected (resulting in Managed...
  • Page 32: Sonicpoint Leds

    WLAN 2.4 GHz Radio - The 2.4 GHz Radio LED is controlled by the wireless radio. The LED blinks at a constant rate when the SonicPoint is ready to receive traffic using the 2.4 GHz radio (802.11b/g), and blinks at a variable rate when transferring data.
  • Page 33: Managing Sonicpoints In Managed Mode

    SonicPoint Provisioning Profiles provide a scalable and highly automated method of configuring and provisioning multiple SonicPoints across a Secure Wireless Solution/Architecture. SonicPoint Profile definitions include all of the settings that can be configured on a SonicPoint, such as radio settings for the 2.4GHz and 5GHz radios, SSID’s, and channels of operation.
  • Page 34: Configuring A Sonicpoint Profile

    Name Prefix: Enter a prefix for the names of all SonicPoints connected to this zone. When each SonicPoint is provisioned it is given a name that consists of the name prefix and a unique number, for example: “SonicPoint 126008.”...
  • Page 35 Best, 6 Mbps, 9 Mbps, 12 Mbps, 18 Mbps, 24 Mbps, 36 Mbps, 48 Mbps, or 54 Mbps. Transmit Power: Select the transmission power. Transmission power affects the range of the SonicPoint. You can select: Full Power, Half (-3 dB), Quarter (-6 dB), Eighth (-9 dB), or Minimum.
  • Page 36 In most cases, Best is the optimal setting. 1: Select 1 to restrict the SonicPoint to use antenna 1 only. Facing the rear of the SonicPoint, antenna 1 is on the left, closest to the power supply.
  • Page 37 If the SonicPoint does locate, or is located by a peer SonicOS device, using the SonicWALL Discovery Protocol, an encrypted exchange between the two units will ensue wherein the profile assigned to the relevant Wireless Zone will be used to automatically configure (provision) the newly added SonicPoint unit.
  • Page 38: Selecting Variable Numbers Of Sonicpoint Access Points

    SonicOS 3.1 Enhanced supports the selection of a variable number of SonicPoint access points. Previously you could only set Class C or greater networks on your submit. SonicPoint access points. Now you can select four different amounts. This provides you with the flexibility to create a subnetwork that is appropriate for the amount of devices you have.
  • Page 39: Working With New Memory Requirements

    6 Click on the SonicPoint Limit listbox and select one of the options that indicates the number of SonicPoints: No SonicPoints. 2 SonicPoints. 4 SonicPoints. 8 SonicPoints. 12 SonicPoints. 7 Check one of the checkboxes in the Management region to indicate a management type you want to use.
  • Page 40: Updating Sonicpoint Settings

    You can enable or disable individual SonicPoints on the Wireless > SonicPoints page: 1 Check the box under Enable to enable the SonicPoint, uncheck the box to disable it. 2 Click Apply at the top of the Wireless > SonicPoints page to apply this setting to the SonicPoint. Updating SonicPoint Firmware SonicOS Enhanced 2.5 (or greater) contains an image of the SonicPoint firmware.
  • Page 41: Sonicpoint States

    Provision failed: In the unlikely event that a provision attempt from a SonicOS security appliance fails, the SonicPoint will report the failure. So as not to enter into an endless loop, it can then be manually rebooted, manually reconfigured, or deleted and re-provisioned.
  • Page 42: Managing The Sonicpoint In Stand-Alone Mode

    Connect to the LAN port of the SonicPoint through the PoE injector with a regular Cat 5 Ethernet cable. If the SonicPoint is connected to a port in a SonicWALL security appliance and the port is not in a Wireless zone, you can connect to it through the security appliance provided there are rules to allow HTTP management traffic between the zone your management station is in and the zone the SonicPoint is in.
  • Page 43: Using The Sonicpoint Stand-Alone Management Interface

    Using the SonicPoint Stand-Alone Management Interface Because the stand-alone Management Interface mirrors the Wireless section of the SonicOS Management Interface, see Managing SonicPoints in Managed Mode for instructions on managing the SonicPoint in Stand-Alone Mode. System > Status Provides a view of operating...
  • Page 44: System > Firmware

    Managing the SonicPoint in Stand-Alone Mode System > Firmware Provides an interface to upload new firmware using FTP. Requires access to an external FTP server hosting a SonicPoint Firmware image. SonicPoint firmware can be downloaded from a SonicOS Enhanced 2.5 or greater SonicOS security appliance from the ‘Wireless >...
  • Page 45: Network > Interfaces

    Network > Interfaces Configuration of LAN IP, netmask, and default gateway. Wireless > Status View statistics for both radios, and associated Station status...
  • Page 46: Wireless > 802.11A Radio

    Managing the SonicPoint in Stand-Alone Mode Wireless > 802.11a Radio 802.11a (5GHz) Radio settings Wireless > 802.11a Advanced Advanced 802.11a (5GHz) Radio settings...
  • Page 47: Wireless > 802.11G Radio

    Wireless > 802.11g Radio 802.11g/b (2.4GHz) Radio settings Wireless > 802.11g Advanced Advanced 802.11g/b (2.4GHz) Radio settings...
  • Page 48: Managing The Sonicpoint In Safemode

    In SafeMode, the SonicWALL Discovery Protocol (SDP) and SonicWALL Simple Provisioning Protocol (SSPP) allow the SonicPoint device to be managed using an Interface that is a member of a Wireless zone of a SonicWALL PRO family appliance running SonicOS 2.5 or higher. Simply connect a cable between the SonicPoint LAN and the PRO's Wireless Interface.
  • Page 49: Resetting The Sonicpoint

    Firmware Image. Resetting the SonicPoint The SonicPoint has a reset switch inside a small hole in the back of the unit, next to the console port. Reset Button You can reset the SonicPoint at any time by pressing the reset switch with a straightened paper clip, a toothpick, or other small, straight object.
  • Page 50: Sonicpoint Radio Characteristics

    SonicPoint Radio Characteristics Each SonicPoint contains two separate radios, a 2.4GHz radio for 802.11b and 802.11g, and 5GHz radio for 802.11a. Since the radios are fully distinct, each SonicPoint can simultaneously host 802.11g/b and 802.11a clients, providing the highest level of wireless client compatibility.
  • Page 51 Operating Channels 802.11a: 12 for FCC 11 for Europe 4 for Japan 4 for Singapore 4 for Taiwan 802.11b/g: 11 for FCC 14 for Japan 13 for Europe 2 for Spain 4 for France Receive Sensitivity (typical) 802.11a: -82dBm @ 6Mbps -81dBm @ 9Mbps -79dBm @ 12Mbps -78dBm @ 18Mbps...
  • Page 52 F: 408.745.9300 © 2005 SonicWALL, Inc. SonicWALL is a registered trademark of SonicWALL, Inc. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies. Specifications and descriptions subject to change without notice.

This manual is also suitable for:

Sonicpoint g