SonicWALL 3 Benutzerhandbuch
S
ONIC
WALL S
ONIC
OS S
TANDARD
3.0 A
DMINISTRATOR
’
S
G
UIDE
127
C
H A P T E R
22
Chapter 22:
Setting Up the WLAN Using the
Wireless Wizard and Monitoring
Your WLAN
The SonicWALL TZ 50 Wireless/TZ 150 Wireless/TZ 70 Wireless support two wireless protocols
called IEEE 802.11b and 802.11g, commonly known as Wi-Fi, and sends data via radio
transmissions. The TZ 150 Wireless/TZ 170 Wireless combines three networking components to offer
a fully secure wireless firewall: an Access Point, a secure wireless gateway, and a stateful firewall
with flexible NAT and VPN termination and initiation capabilities. With this combination, the TZ 50
Wireless/TZ 150 Wireless/TZ 170 Wireless offer the flexibility of wireless without compromising
network security.
called IEEE 802.11b and 802.11g, commonly known as Wi-Fi, and sends data via radio
transmissions. The TZ 150 Wireless/TZ 170 Wireless combines three networking components to offer
a fully secure wireless firewall: an Access Point, a secure wireless gateway, and a stateful firewall
with flexible NAT and VPN termination and initiation capabilities. With this combination, the TZ 50
Wireless/TZ 150 Wireless/TZ 170 Wireless offer the flexibility of wireless without compromising
network security.
Typically, the TZ 50 Wireless/TZ 150 Wireless/TZ 170 Wireless is the access point for your wireless
LAN and serves as the central access point for computers on your LAN. In addition, it shares a single
broadband connection with the computers on your network. Since the TZ 50 Wireless/TZ 150
Wireless/TZ 170 Wireless also provides firewall protection, intruders from the Internet cannot access
the computers or files on your network. This is especially important for an “always-on” connection
such as a DSL or T1 line that is shared by computers on a network.
LAN and serves as the central access point for computers on your LAN. In addition, it shares a single
broadband connection with the computers on your network. Since the TZ 50 Wireless/TZ 150
Wireless/TZ 170 Wireless also provides firewall protection, intruders from the Internet cannot access
the computers or files on your network. This is especially important for an “always-on” connection
such as a DSL or T1 line that is shared by computers on a network.
However, wireless LANs are vulnerable to “eavesdropping” by other wireless networks which means
you should establish a wireless security policy for your wireless LAN. On the TZ 50 Wireless/TZ 150
Wireless/TZ 170 Wireless, wireless clients connect to the Access Point layer of the firewall. Instead of
bridging the connection directly to the wired network, wireless traffic is first passed to the Secure
Wireless Gateway layer where the client is required to be authenticated via User Level Authentication.
Access to Wireless Guest Services (WGS) and MAC Filter Lists are managed by the TZ 50 Wireless/
TZ 150 Wireless/TZ 170 Wireless. It is also at this layer that the TZ 50 Wireless/TZ 150 Wireless/TZ
170 Wireless has the capability of enforcing WiFiSec, an IPSec-based VPN overlay for wireless
networking. As wireless network traffic successfully passes through these layers, it is then passed to
the VPN-NAT-Stateful firewall layer where WiFiSec termination, address translation, and access rules
are applied. If all of the security criteria is met, then wireless network traffic can then pass via one of
the following Distribution Systems (DS):
you should establish a wireless security policy for your wireless LAN. On the TZ 50 Wireless/TZ 150
Wireless/TZ 170 Wireless, wireless clients connect to the Access Point layer of the firewall. Instead of
bridging the connection directly to the wired network, wireless traffic is first passed to the Secure
Wireless Gateway layer where the client is required to be authenticated via User Level Authentication.
Access to Wireless Guest Services (WGS) and MAC Filter Lists are managed by the TZ 50 Wireless/
TZ 150 Wireless/TZ 170 Wireless. It is also at this layer that the TZ 50 Wireless/TZ 150 Wireless/TZ
170 Wireless has the capability of enforcing WiFiSec, an IPSec-based VPN overlay for wireless
networking. As wireless network traffic successfully passes through these layers, it is then passed to
the VPN-NAT-Stateful firewall layer where WiFiSec termination, address translation, and access rules
are applied. If all of the security criteria is met, then wireless network traffic can then pass via one of
the following Distribution Systems (DS):
•
LAN
•
WAN
•
Wireless Client on the WLAN
•
VPN tunnel