A wireless network provides common connection settings for wireless clients. These settings include SSID, security mode, and the method for handling client traffic.
Sophos Firewall's WiFi interface shows the unplugged status until you connect and add a wireless network to an access point.
When you add a wireless network to an access point, you define the method of integrating traffic on the wireless network into your local network.
|The wireless network is handled as a separate network with the specified IP address range. Use this option to configure firewall rules for the specified SSIDs.All traffic from a separate zone network is sent to Sophos Firewall using the Virtual Extensible LAN (VXLAN) protocol. VXLAN is a virtual tunnel that encapsulates layer 2 Ethernet frames within layer 3 IP packets.
Encapsulation lowers the available MTU size. Lower MTU results in higher fragmentation and may slow the traffic at times. To prevent this issue, you can do one of the following:
|Bridge to AP LAN
|The wireless network is bridged into the network of the selected access point. Clients share the IP address range of the access point.
|Bridge to VLAN
|The wireless network is bridged into a VLAN. Use this method when you want access points to be in a common network that's separate from the wireless clients.
Method for integrating traffic on the wireless network into your local network.
Encryption algorithm to use for network traffic. We recommend you use AES.
Allow access to the wireless network according to the specified schedule.
Prevent traffic among wireless clients that connect to the same SSID on the same radio. You use this setting typically on guest networks.
Don't show the wireless network SSID.
Force wireless networks to use the IEEE 802.11r standard.
Allow or block clients from connecting to the wireless network based on their MAC addresses.