Sophos UTM 9.4, 3 AP15s, an internal network (working as intended) and a guest WLAN (access to internal network, which should not happen), no Web Protection license on the UTM. Why does the guest WLAN have internal network access?

Hi there,

 

I have a problem setting up a guest WLAN on the UTM with three AP15s and Wireless Protection, no Web Protection.

The internal WLAN works as intended; the guest WLAN has access to the Internet, but also into the internal LAN. That should not happen. I have access to the UTM from remote, so I can provide any details necessary. 2 of the APs are in the storage area, which only needs the internal WLAN with access to the LAN; in the conference room there should be both internal WLAN and guest WLAN available.

If you need further information, please let me know and I will provide it.

Hope that someone can help.

 

Information:

I created a new interface called guest, with the hardware being wlan2 (remote wireless network).

I created a DHCP server for the guest WLAN with a different IP range than the LAN. As DNS I set the address of the WLAN interface and the Google DNS.

The internal WLAN I set to Bridge to AP LAN, the guest WLAN to Separate Zone with client isolation enabled.

I set a masquerading rule to allow the guest WLAN to WAN for Internet access.

Later I also set a firewall rule that prevents access to LAN from the guest WLAN and a rule that allows web surfing from the guest WLAN to Internet IPv4.

On the APs I allowed the internal WLAN for the 2 storage APs, and on the conference AP I allowed both guest and the internal WLAN.

The APs are connected to the normal LAN switch, so they are connected to the UTM via the LAN interface.

Update: I did not try a laptop from the guest WLAN, only a cell phone. With the browser on the cell phone I could connect to the Sophos UTM WebAdmin site in the LAN. I did not try to connect to any network resource after I managed to get onto the WebAdmin, because I assumed that if I can connect to the WebAdmin on the LAN then I can connect to other devices on the LAN as well.

 

Any help is greatly appreciated.

 

Cheerios

 

Alex


