A wireless network provides common connection settings for wireless clients. These settings include SSID, security mode, and the method for handling client traffic.
When you add a wireless network to an access point, you define the method of integrating traffic on the wireless network into your local network.
|Separate zone||The wireless network is handled as a separate network with the specified IP address range. Use this option to configure firewall rules for the specified SSIDs.All traffic from a separate zone network is sent to Sophos Firewall using the Virtual Extensible LAN (VXLAN) protocol. VXLAN is a virtual tunnel that encapsulates layer 2 Ethernet frames within layer 3 IP packets. |
Encapsulation lowers the available MTU size. Lower MTU results in higher fragmentation and may slow the traffic at times. To prevent this issue, you can do one of the following:
|Bridge to AP LAN||The wireless network is bridged into the network of the selected access point. Clients share the IP address range of the access point.|
|Bridge to VLAN||The wireless network is bridged into a VLAN. Use this method when you want access points to be in a common network that is separate from the wireless clients.|
Method for integrating traffic on the wireless network into your local network.
Encryption algorithm to use for network traffic. AES is recommended.
Allow access to the wireless network according to the specified schedule.
Prevent traffic among wireless clients that connect to the same SSID on the same radio. This setting is typically used on guest networks.
Do not show the wireless network SSID.
Force wireless networks to use the IEEE 802.11r standard.
Allow or block clients from connecting to the wireless network based on their MAC addresses.