I am aware how to create a new zone. But i am not able to get that how do I assign that this particular PC in the network belongs to that particular zone and IP should be assigned that that zone's DHCP Pool
when a DHCP request is started the device goes out with an IP address of 0.0.0.0 broadcast.....
Therefore ANY DHCP server that gets the request in first, and that the client can see wins.
so you have to ensure the clients are hard partitioned as to which network they can see, unless you want to start setting all sorts or rules related to MAC address. in switches.
There is no prevision in sonicwall DHCP for allocating mac addresses to "pools" of addresses, but you can allocate a static ip address. tied to a mac address.
However , that does not prevent a faster DHCP with no rules, allocating an address to the machine, that is why you need hard partitioning. or different WIFI names for different groups.
VLANS are not a good idea unless you do it inside the switching infrastructure where the client cannot fool about.
To configure VLANS at the client end is potentially a security risk, since the client can easily reconfigure another vlan to gain access to another network, or indeed plug in a simple USB network device to gain access to the default vlan.
for example, we would never allocate multiple VLANS to the same WIFI SSID, then have the VLAN configured in the computer as the filter...
We have seem some mobile phone malware in china , that attempts to probe & switch VLANS inside the SSID, attempting to create multiple bridges between the carrier subnet range & the internal/VLAN subnet ranges... (sort of like an attempted bridge out of the firewall)
Answers
Hi Rupen,
I am new to Sonicwall as well but let me give it a try.
Create Zone
Create Zone DHCP
Add Interface to Zone
Cable the PC to that Zone Interface (direct or via Switch)
Another thing would be using VLANS. But here you might need to ask all mighty google :)
Maybe JP can help you here: https://www.youtube.com/watch?v=MriiNGJlcx0&t=304s
good luck!
best regards armin
Generally you have to be a bit careful...
when a DHCP request is started the device goes out with an IP address of 0.0.0.0 broadcast.....
Therefore ANY DHCP server that gets the request in first, and that the client can see wins.
so you have to ensure the clients are hard partitioned as to which network they can see, unless you want to start setting all sorts or rules related to MAC address. in switches.
There is no prevision in sonicwall DHCP for allocating mac addresses to "pools" of addresses, but you can allocate a static ip address. tied to a mac address.
However , that does not prevent a faster DHCP with no rules, allocating an address to the machine, that is why you need hard partitioning. or different WIFI names for different groups.
VLANS are not a good idea unless you do it inside the switching infrastructure where the client cannot fool about.
To configure VLANS at the client end is potentially a security risk, since the client can easily reconfigure another vlan to gain access to another network, or indeed plug in a simple USB network device to gain access to the default vlan.
for example, we would never allocate multiple VLANS to the same WIFI SSID, then have the VLAN configured in the computer as the filter...
We have seem some mobile phone malware in china , that attempts to probe & switch VLANS inside the SSID, attempting to create multiple bridges between the carrier subnet range & the internal/VLAN subnet ranges... (sort of like an attempted bridge out of the firewall)
@rupen1505 ,
For understanding the Sonicwall ZONE, Follow the below KB;
I hope this KB will clear your doubts/problems about the zones
DHCP services are assigned to interfaces.
Interfaces are assigned to zones.
So don't be looking for DHCP at a zone-level because it doesn't live there.