This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Question about WIFI Zone

hello every one

i want to setup wifi zone on my network

i have 6 APs connected to the LAN port on sophos

so do i need install third interface on my server and connect the APs on it or i can do it while they connected to my LAN and place them in separate network ?



This thread was automatically locked due to age.
Parents
  • Hi,

    you can set the APs into a seperate zone or have them bridged into the LAN zone depends on what you are trying to achieve? Further you can setup VLANs with the APs, but I would not recommend that with the current versions of XG.

    For general internet access bridged into lan zone is the easiest to setup and work with.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • thank you for your replay 

    iam trying to achieve to separate my guest users who access via wifi from my LAN network 

    and apply rules on wifi users 

    what iam missing here if i can do this while the APs are connected on sophos LAN PORT 

    because this is will save a lot of time and effort to reconnect all of APs to a separate interface 

    so if i can do this would you tell me the steps to do on sophos or provide me with links explain how to do it i will be appreciate it

Reply
  • thank you for your replay 

    iam trying to achieve to separate my guest users who access via wifi from my LAN network 

    and apply rules on wifi users 

    what iam missing here if i can do this while the APs are connected on sophos LAN PORT 

    because this is will save a lot of time and effort to reconnect all of APs to a separate interface 

    so if i can do this would you tell me the steps to do on sophos or provide me with links explain how to do it i will be appreciate it

Children
  • Hegazy,

    follow the screenshots in this thread:

    https://community.sophos.com/products/xg-firewall/f/network-and-routing/75951/wireless-lan-access

    Make sure to create proper firewall rules to allow internet traffic for the different separated wi-fi zone.

    You can use LAN port.

    Regards

  • thank you sir for your reply , i have been waiting for you :)

    i have seen the screenshots in the link you provided but unfortunately i still don't get it clear

    so i will describe what i have and what i need and how i will do it according to the topic i have seen and i hope you tell if iam wrong

    my lan network ip is : 10.10.10.0/24

    and i have AP i need to connect it in the lan port but in isolate network just to use the internet

    and let`s say for example in network ip : 10.10.20.0/24

    so first step is create a network wireless

    i have a question in this part,

    in the SSID and Passphrase/PSK should i write the AP SSID and Passphrase/PSK ??

    next step is configure the AP with IP for example 10.10.20.2/24 and connect it to the lan port

    then i need to create a DHCP server for them in sophos like this

    finally i create a firewall rule to allow them to access the internet

    and thats it ?

    the wifi users will be in isolated network even they connecting to the LAN port?