Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 1469 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Synchronize password with PSK of wireless network (Password of the Day) + Bridged to Vlan

Tommy Müller

Hi guys,

I've been trying unsuccessfully for some time to enable the "Synchronize password with PSK of wireless networks" option on a WLAN network.

The environment looks like this:

UTM SG 135 9.705
AP55

interface: WLAN-GUEST (VLAN 2174)

Accesspoint VLAN: 2049

Wireless-Network:
Network name: wlan-guest
SSID: Guest
Encryption Mode: WPA2 Personal
PSK: Temp. PW
Client Traffic: Bridge to VLAN
Bridge to VLAN ID: 2174

Hotspot:
Name: Guest
Interfaces: WLAN-GAST
Hotspot Typer: Password of the Day
Synchronize password with PSK of wireless networks: Enabled
Users have to accept terms of use: Enabled


The Password of the Day is not taken over as PSK for the WLAN guest.The self-set one still works.

Creating the WLAN network without PSK was not successful either.

Is the synchronization with the Bridged to VLAN mode not compatible?

Thanks for the help








This thread was automatically locked due to age.
Parents
  • 0

    Hallo Tommy and welcome to the UTM Community!

    This only works with "Separate Zone" Wireless Networks.  You can then bridge the wlan# virtual NIC in the VLAN in Interfaces.  Glück gehabt?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0

    Hallo Tommy and welcome to the UTM Community!

    This only works with "Separate Zone" Wireless Networks.  You can then bridge the wlan# virtual NIC in the VLAN in Interfaces.  Glück gehabt?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson

    Hallo Bob,

    First, thank you for your answer.

    II have now added a wireless network with the Seprate Zone mode.

    Now I can create a new interface (wlan3) under Interfaces and give it a VLAN in Ethernet VLAN mode.

    However, the target VLAN arrives at the UTM on ETH4 of the switch. How do I now specify that this VLAN of wlan3 arrives at ETH4?

    The AP Mmgmt is also on eth4 with another VLAN. Does the UTM bridge the VLAN in Seprate Zone mode to the hardware interface where the AP also arrives at the UTM?

  • 0 in reply to Tommy Müller

    Ahh, Tommy, I forgot - there's no such thing as a VLAN bridge in WebAdmin.  This situation seems complex.  What is it you're trying to accomplish by bridging the AP with a particular VLAN?  Maybe there's a better solution or maybe you can't use the 'Synchronize password with PSK' option.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hallo Bob,

    We try to implement the following

    The access points hang with the Mgmt on VLAN 2049

    VLAN 2049 tagged and 2174 tagged are available on the switch to which the access point is connected. The wlan-guest should be in VLAN 2174. The data traffic of several WLAN networks should be separated on the following switches.

    A hotspot with password of the day should be active in the wlan-guest.
    This Password of the Day should also be the PSK of the day for the wlan-guest at the same time.

    What I have tried now:

    wlan-guest set up as a Separate Zone and set up a hotspot for it.
    On the virtual NIC "wlan3" VLAN activated and 2174 set.

    The Password of the Day now synchronizes with the PSK of wlan-guest. However, devices in the wlan-guest do not seem to be able to obtain an IP from the UTM DHCP for this network.

  • 0 in reply to Tommy Müller

    Is there a DHCP-server for this network in your UTM? If not you may need to create it first.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0 in reply to apijnappels

    Hallo, Yes I have created a DHCP server on the interface.

Unfiltered HTML