
Using PortShield Interfaces
30
Configuring PortShield Interfaces
SonicOS Enhanced 3.1 Release
–
Allow Interface Trust: Checked
–
Enforce Content Filtering Service: Checked
–
Enforce Network Anti-Virus Service: Checked
–
Enable Gateway Anti-Virus Service: Checked
–
Enable IPS: Checked
–
Enforce Global Security Clients: Check to manage SonicWALL Global Security Client
settings
–
Create Group VPN: Check to provide a GroupVPN policy for users to log into when you
enforce WiFiSec security.
• Wireless tab settings:
–
Only allow traffic generated by a SonicPoint: Leave this option unchecked. This disables
SonicPoint enforcement, allowing both wired and wireless connections through this zone.
–
WiFiSec Enforcement: Only check this option if you want to enforce WiFiSec security,
requiring your residents to use a VPN client to connect.
–
SonicPoint Provisioning Profile: Select the SonicPoint profile you configured. The settings in
this profile will automatically be applied to the SonicPoints you set up for wireless access.
• Guest Services tab settings:
–
Enable Wireless Guest Services: Unchecked to disable Guest Services.
Kiosk: Configure the Kiosk zone with the following values:
• General tab settings:
–
Name: Kiosk
–
Security Type: Public.
–
Allow Interface Trust: Unchecked
–
Enforce Content Filtering Service: Checked
–
Enforce Network Anti-Virus Service: Checked
–
Enable Gateway Anti-Virus Service: Checked
–
Enable IPS: Checked
–
Enforce Global Security Clients: Unchecked
–
Create Group VPN: Unchecked
Configure the PortShield Interfaces
In this example, there are four PortShield interfaces, one assigned to the LAN zone, two assigned to
Wireless zones (General and Warehouse) and one assigned to the Kiosk zone which is similar to a DMZ.
Create the Administration PortShield interface:
1. In the Network > Interfaces page, click Add Interface.
2. Configure the interface:
–
Zone: LAN
–
PortShield Interface Name: Administration
–
IP Address: 10.100.23.1 (or an appropriate address)
Kommentare zu diesen Handbüchern