Wireless networks
A wireless network provides common connection settings for wireless clients. These settings include SSID, security mode, and the method for handling client traffic.
When you add a wireless network to an access point, you define the method of integrating traffic on the wireless network into your local network.
|
Name |
Description |
|---|---|
| Separate zone | The wireless network is handled as a separate network with the specified IP address
range.
Use this option to configure firewall rules for the specified SSIDs. All traffic from a separate zone network is sent to Sophos Firewall using the Virtual Extensible LAN (VXLAN) protocol. VXLAN is a virtual tunnel that encapsulates layer 2 Ethernet frames within layer 3 IP packets. Encapsulation lowers the available MTU size. Lower MTU results in higher
fragmentation and may slow the traffic at times. To prevent this issue, you can do one of the
following:
|
| Bridge to AP LAN | The wireless network is bridged into the network of the selected access point. Clients share the IP address range of the access point. |
| Bridge to VLAN | The wireless network is bridged into a VLAN. Use this method when you want access points to be in a common network that is separate from the wireless clients. |
General settings
- Client traffic
- Method for integrating traffic on the wireless network into your local network.
- Encryption
- Encryption algorithm to use for network traffic. AES is recommended.
- Time-based access
- Allow access to the wireless network according to the specified schedule.
- Client isolation
- Prevent traffic among wireless clients that connect to the same SSID on the same radio. This setting is typically used on guest networks.
- Hide SSID
- Do not show the wireless network SSID.
- Fast transition
- Force wireless networks to use the IEEE 802.11r standard.
- MAC filtering
- Allow or block clients from connecting to the wireless network based on their MAC addresses.