SonicOS 7 Match Objects
- SonicOS 7
- Zones
- How Zones Work
- Predefined Zones
- Security Types
- Allow Interface Trust
- Enabling SonicWall Security Services on Zones
- Effect of Wireless and Non-Wireless Controller Modes
- Match Objects > Zones
- The Zone Settings Table
- Adding a New Zone
- Configuring a Zone for Guest Access
- Configuring a Zone for Open Authentication and Social Login
- Configuring a Zone for Captive Portal Authentication with RADIUS
- Configuring a Zone for Customized Policy Message
- Configuring a Zone for Customized Login Page
- Configuring the WLAN Zone
- Configuring the RADIUS Server
- Configuring DPI-SSL Granular Control per Zone
- Enabling Automatic Redirection to the User-Policy Page
- Deleting a Zone
- Addresses
- Types of Address Objects
- About Address Groups
- About UUIDs for Address Objects and Groups
- Addresses Page
- Default Address Objects and Groups
- Default Pref64 Address Object
- Default Rogue Address Groups
- Adding an Address Object
- Editing Address Objects
- Deleting Custom Address Objects
- Purging MAC or FQDN Address Objects
- Creating Address Groups
- Editing Address Groups
- Deleting Address Groups
- Working with Dynamic Address Objects
- Services
- About Default Service Objects and Groups
- Predefined IP Protocols for Custom Service Objects
- Adding Service Objects using Predefined Protocols
- Adding Custom IP Type Services
- Editing Custom Service Objects
- Deleting Custom Service Objects
- Adding Custom Service Groups
- Editing Custom Service Groups
- Deleting Custom Service Groups
- URI Lists
- Match Objects
- Schedules
- Dynamic Group
- Email Addresses
- SonicWall Support
Configuring a Zone for Guest Access
You cannot configure an Untrusted, Encrypted, SSL VPN, or Management zone for guest access.
SonicWall User Guest Services provides an easy solution for creating wired and wireless guest passes and/or locked-down Internet-only network access for visitors or untrusted network nodes. This functionality can be extended to wireless or wired users on the WLAN, LAN, DMZ, or public/semi-public zone of your choice.
To configure Guest Services feature
- Navigate to Object > Match Objects > Zones.
- Click Edit for the zone you wish to add Guest Services to. The Zone Settings dialog displays.
-
Click Guest Services tab.
- Select Enable Guest Services option. All other options become available, but are not selected by default.
-
Select from the following configuration options for Guest Services:
Enable inter-guest communication Allows guests to communicate directly with other users who are connected to this zone. Enable External Guest Authentication Requires guests connecting from the device or network you select to authenticate before gaining access. Selecting this option makes Configure available.
When this option is selected, the following four options become dimmed and unavailable.
Enable Captive Portal Authentication Allows you to create a customized login page with RADIUS authentication. Selecting this option makes Configure available. For information about configuring this option, see Configuring a Zone for Captive Portal Authentication with RADIUS. Enable Policy Page without authentication Directs users to a guest services usage policy page when they first connect to a SonicPoint or SonicWave in the WLAN zone. Guest users are authenticated by accepting the policy instead of providing a user name and password. Selecting this option makes Configure available. To set up an HTML customizable policy usage page, click Configure. For information about configuring this option, see Configuring a Zone for Customized Policy Message Custom Authentication Page Redirects users to a custom authentication page when they first connect to the network. Selecting this option makes Configure available. To set up the custom authentication page, click Configure. For information about configuring this option, see Configuring a Zone for Customized Login Page. Enable Post Authentication Page Directs users to the specified page immediately after successful authentication. Selecting this option makes Post Authentication Page field available. Post Authentication Page Enter a URL for the post-authentication page in the field. Bypass Guest Authentication Allows the Guest Services feature to integrate into environments already using some form of user-level authentication. This feature automates the authentication process, allowing wireless users unrestricted wireless Guest Services without requiring authentication. When selected, this option’s drop-down menu becomes available; select:
- All MAC Addresses (default)
- An Address Object
- An Address Group
- Create new MAC object
This feature should only be used when unrestricted Guest Service access is desired, or when another device upstream is enforcing authentication.
Redirect SMTP traffic to Redirects SMTP traffic incoming on this zone to an SMTP server you specify. When selected, this option’s drop-down menu becomes available; select:
- An Address Object
- Create new address object
Deny Networks Blocks traffic to the networks you name. When selected, this option’s drop-down menu becomes available; select:
- An Address Object
- An Address Object group
- Create new address object
- Create new address object group
Pass Networks Allows traffic through the Guest Service-enabled zone to the selected networks automatically. When selected, this option’s drop-down menu becomes available; select:
- An Address Object
- An Address Object group
- Create new address object
- Create new address object group
Max Guests Specifies the maximum number of guest users allowed to connect to this zone. The minimum number is 1, the maximum number is 4500, and the default setting is 10. -
Click Save to apply these settings to this zone.
For information about creating Address Objects and Address Object Groups, see SonicOS Object > Match Objects > Addresses.
Was This Article Helpful?
Help us to improve our support portal