Wireless Device Configuration Options

The configuration procedure for wireless interfaces depends on the version of Fireware XTM OS that runs on your Firebox or XTM device:

Wireless Device Configuration Options (Fireware XTM OS v11.9 and Later)

Any wireless Firebox or XTM device can be configured as a wireless access point with more than one different security zone. You can enable wireless clients to connect to the wireless XTM device as part of the trusted or optional network. You can also use a custom network to enable a wireless guest services network for your XTM device, or use bridge or VLAN networks in your wireless configuration.

Before you enable the wireless Firebox or XTM device as a wireless access point, you must look carefully at the wireless users who connect to the device, and then determine the level of access for each type of user.

You can select from these options for wireless access:

Allow Wireless Connections to a Trusted Interface

When you allow wireless connections through a trusted interface, wireless devices have full access to all computers on the trusted and optional networks, and full Internet access based on the rules you configure for outgoing access on your XTM device.

If you enable wireless access through a trusted interface, to allow access through the Firebox or XTM device only for devices that you add to the Allowed MAC Address list, you can enable and use the MAC restriction feature.

For more information, see Use Static MAC Address Binding.

Allow Wireless Connections to an Optional Interface

When you allow wireless connections through an optional interface, wireless devices have full access to all computers on the optional network, and full Internet access based on the rules you configure for outgoing access on your wireless Firebox or XTM device.

Allow Wireless Connections on a Bridge Interface

This option enables you to bridge wireless traffic to a trusted or optional network. When you select this option, you cannot filter traffic between the wireless users and the bridge network. When you bridge the wireless network, the wireless users are in the same security zone as other users on the bridge network, and the traffic for these mobile users is handled by the same security policies as traffic for other users on the bridged network. For example, if you bridge the wireless network to a trusted interface, all policies that allow traffic for the "Any-Trusted" alias allow traffic for the users who connect to the wireless network.

The choice of interfaces to which you can bridge the wireless network depends on your version of Fireware XTM:

For detailed instructions, see Create a Network Bridge Configuration.

Allow Wireless Connections on a VLAN Interface

You can configure the wireless network as a VLAN interface to connect wireless clients to a configured VLAN within your network. Because most wireless clients are not VLAN-capable, you can configure the VLAN as untagged.

To learn more about VLAN tagging, see About Virtual Local Area Networks (VLANs).

Allow Wireless Guest Connections on a Custom Interface

Computers that connect to the custom network connect through the wireless Firebox or XTM device to the Internet based on the rules you configure for outgoing access on your Firebox or XTM device. The custom zone is not part of any default policies. You can use the wireless interface alias in policies that you configure for traffic from wireless clients so they cannot access trusted or optional networks.

For more information, see Enable a Wireless Guest Network (Fireware XTM OS v11.9.x and Higher).

Before you set up wireless network access, see Before You Begin.

To allow wireless connections on an interface, see Enable Wireless Connections (Fireware XTM OS v11.9.x and Higher).

Wireless Device Configuration Options (Fireware XTM OS v11.8.x and Lower)

Any Firebox or XTM wireless device can be configured as a wireless access point with three different security zones. You can enable wireless clients to connect to the wireless device as part of the trusted network or part of the optional network. You can also enable a wireless guest services network for Firebox or XTM device users. Computers that connect to the guest network connect through the wireless device, but do not have access to computers on the trusted or optional networks.

Before you enable the wireless Firebox or XTM device as a wireless access point, you must look carefully at the wireless users who connect to the device and determine the level of access to enable for each type of user. There are three types of wireless access you can allow:

Allow Wireless Connections to a Trusted Interface

When you allow wireless connections through a trusted interface, wireless devices have full access to all computers on the trusted and optional networks, and full Internet access based on the rules you configure for outgoing access on your Firebox or XTM device. If you enable wireless access through a trusted interface, to allow access through the Firebox or XTM device only for devices you add to the Allowed MAC Address list, you can enable and use the MAC restriction feature.

For more information about how to restrict access by MAC addresses, see Use Static MAC Address Binding.

Allow Wireless Connections to an Optional Interface

When you allow wireless connections through an optional interface, those wireless devices have full access to all computers on the optional network, and full Internet access based on the rules you configure for outgoing access on your wireless Firebox or XTM device.

Allow Wireless Guest Connections Through the External Interface

Computers that connect to the wireless guest network connect through the wireless Firebox or XTM device to the Internet based on the rules you configure for outgoing access on your XTM device. These wireless-connected computers do not have access to computers on the trusted or optional network.

For more information about how to configure a wireless guest network, see Enable a Wireless Guest Network (Fireware XTM OS v11.8.x and Lower).

Before you set up wireless network access, see Before You Begin.

To allow wireless connections to your trusted or optional network, see Enable Wireless Connections (Fireware XTM OS v11.8.x and Lower).

See Also

About Wireless Configuration Settings

About Wireless Security Settings

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base