For a wireless XTM device that runs Fireware XTM OS v11.8.x or older, you can enable Access Point 1 and Access Point 2 on your wireless device to bridge to a trusted or optional network.
To bridge Access Point 1 and Access Point 2 to the same network, the XTM device must run Fireware XTM OS v11.8.1 or higher.
When you enable an access point on your wireless device to bridge to an interface, you must select whether to use a trusted or an optional interface.
Any wireless clients on the trusted network have full access to computers on the trusted and optional networks, and access to the Internet as defined in the outgoing firewall rules on your Firebox or XTM device.
If the wireless client sets the IP address on its wireless network card with DHCP, the DHCP server on the trusted network of the XTM device must be active and configured.
Any wireless clients on the optional network have full access to computers on the optional network, and access to the Internet as defined in the outgoing firewall rules on your XTM device.
If the wireless client sets the IP address on its wireless network card with DHCP, the DHCP server on the optional network of the Firebox or XTM device must be active and configured.
To enable wireless connections to your trusted or optional network:
When you select this option, the Firebox or XTM device only allows DHCP, DNS, IKE (UDP port 500), and ESP packets over the wireless network. This can increase the security for wireless clients if you do not select WPA or WPA2 as the wireless authentication method.
If you enable wireless connections to the trusted interface, you can also restrict access by MAC address. This prevents users from connecting to the XTM wireless device from unauthorized computers that could contain viruses or spyware.
When you enable wireless connections to a trusted or optional interface, the wireless and wired networks operate as if they are on the same local network. Broadcast traffic, such as DHCP requests, can pass between wired and wireless clients. If a DHCP server is active on the physical network, or if a wireless client is configured as a DHCP server, then all wired and wireless clients on that network can receive IP addresses from that DHCP server.
To configure a wireless guest network with no access to the computers on your trusted or optional networks, see Enable a Wireless Guest Network (Fireware XTM OS v11.8.x and Lower).
Wireless Device Configuration Options
About Wireless Radio Settings
Enable/Disable SSID Broadcasts
Log Authentication Events
Change the SSID
Change the Fragmentation Threshold
Change the RTS Threshold
Set the Wireless Authentication Method
Set the Encryption Level