NoodleTech
[H]ard|Gawd
- Joined
- Mar 14, 2007
- Messages
- 1,105
My friend has verizon business fios at his coffee shop with 5 static IP addresses.
He uses the internet connection for customer wi-fi access, his point of sale system, and his DVR.
Currently he is using the verizon-provided actiontec MI424WR router which has a bunch of issues.. He is also using a PePwave Officepoint 400 access point with a captive portal set up for customer logins. The captive portal redirects the user to the pepwave website, so the user must authenticate over the internet, but sometimes this page does not appear for some users because apparently there is no internet access. I think the actiontec router is the source of the problems because he had the same no internet access problem with his old linksys WAP54G access point. So he wants to replace the verizon router with his SonicWall TZ 190.
There are 8 LAN switch ports on the TZ 190. I was thinking he should assign 1 of the 5 static WAN IP's to one of the LAN ports which would be connected to a switch. The POS machines would be connected to that switch. Then he would assign the 2nd of 5 static IP's to another LAN port which would connect to the wireless access point for customer access. This one would have DHCP enabled to assign IP addresses to wi-fi users. The 3rd of 5 static IP's would be assigned to another LAN port for the DVR machine. I would also set up portshield interfaces for each of those 3 LAN's so that there would be a SPI firewall between them. I also plan to put each of those networks on different subnets (IE 10.0.0.x for POS, 192.168.0.x for wi-fi, and 192.168.2.x for the DVR). Is this possible with the TZ 190 and would this essentially create 3 physically separate networks and be in compliance with PCI standards?
Is there a better way to set this up for him?
Thanks in advance.
He uses the internet connection for customer wi-fi access, his point of sale system, and his DVR.
Currently he is using the verizon-provided actiontec MI424WR router which has a bunch of issues.. He is also using a PePwave Officepoint 400 access point with a captive portal set up for customer logins. The captive portal redirects the user to the pepwave website, so the user must authenticate over the internet, but sometimes this page does not appear for some users because apparently there is no internet access. I think the actiontec router is the source of the problems because he had the same no internet access problem with his old linksys WAP54G access point. So he wants to replace the verizon router with his SonicWall TZ 190.
There are 8 LAN switch ports on the TZ 190. I was thinking he should assign 1 of the 5 static WAN IP's to one of the LAN ports which would be connected to a switch. The POS machines would be connected to that switch. Then he would assign the 2nd of 5 static IP's to another LAN port which would connect to the wireless access point for customer access. This one would have DHCP enabled to assign IP addresses to wi-fi users. The 3rd of 5 static IP's would be assigned to another LAN port for the DVR machine. I would also set up portshield interfaces for each of those 3 LAN's so that there would be a SPI firewall between them. I also plan to put each of those networks on different subnets (IE 10.0.0.x for POS, 192.168.0.x for wi-fi, and 192.168.2.x for the DVR). Is this possible with the TZ 190 and would this essentially create 3 physically separate networks and be in compliance with PCI standards?
Is there a better way to set this up for him?
Thanks in advance.