Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 3936 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 110 and AP10 setup

dknyinva
Hello,

Just got a new UTM 110 and AP10 for a client.  Could someone suggest the best way to connect the AP10, so it can utilize the web protection on the UTM?  

 - #1 Connect to one of the Interface on the UTM ether2 or
 - #2 Connect to a Netgear switch

I tried #2 and let it auto configure with wlan0, but web security is not filtering client connect to the AP10

Thanks for any suggestion


This thread was automatically locked due to age.
  • 0
    Hi,
    you connect the AP10 to any network point on the internal network. 
    You bridge the AP10 network to the local (internal) network and that should work.

    I assume you have setup the SSID and accepted the AP10?

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0
    If you don't bridge the WLAN (like in a guest wifi), you need to add this network interface to the web filtering allowed networks list.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0 in reply to apijnappels
    Thank you both for your reply.  I went with both your suggestions and connect the AP10 to the netgear and setup an SSID and set client traffic to bridge to the AP LAN and it works.  Just another question

    It said that the AP10 can have up to 8 SSIDs.  Can I created another SSID for guest with no encryption and set client traffic to separate zone?  I tried it and couldn't get an IP address.

    Thanks again
  • 0
    If you create SSID in separate zone then you should also:
    1. Create new Interface for wlan0 with static IP address different from your LAN network.
    2. Create new DHCP server bounded to that interface.

    Test if it works, and then continue with:
    3. Add that interface into DNS allowed networks.
    4. Create new Masquerading rule for that interface.
    5. Create Firewall rule for that interface or add it to Web Protection profile.
  • 0 in reply to vilic
    Hello vilic,

    Can't seem to create a wlan0 interface.  Option doesn't list wlan0 as an option.  Please advice

    Thanks
  • 0
    Hi dknyinva, 

    In order to create a new wlan interface you must have at least one SSID configured in separated zone.
  • 0 in reply to vilic
    Hi dknyinva, 

    In order to create a new wlan interface you must have at least one SSID configured in separated zone.
    vilic, you're right on the nose[;)].  Did what you suggested and I'm good to go.

    I appreciate your help
Unfiltered HTML