We have a SonicWALL Network Security Appliance. We have 7 AirPorts --5 of the newest ones and 2 that are one step older. The SonicWALL, as our Firewall, has NAT setup as a significant feature. We have the AirPorts setup using WPA/WPA2 security. We need to add a guest network for a group of 100+ people who will be on our campus next week. I've tried to do that but when I turn on DHCP and NAT so that I can setup the guest network, we no longer have Internet access via our regular wireless network although other network services are available. The Guest Network connected computers have no access to any network resources (which is a good thing) or to the Internet (which they will need). A Double NAT error shows up on the AirPorts. I've told the AirPorts to ignore the Double NAT error but that doesn't seem to solve the problem. The AirPorts have assigned IP addresses on our LAN; computers on our LAN use DHCP services from a Windows 2003 server. Each of the 7 AirPorts has its own assigned static IP address in the same subnet as the subnet which is handled by the Windows DHCP --1.5, 1.6, 1.7, 1.9, 1.16, 1.17, and 1.18 The SonicWALL internal IP address is 1.19 In addition, when the Guest network is turned on the subnets used by the 7 AirPorts for "regular" wireless network are 101 thru 107 and the subnets used by the Guest networks are 151 thru 157. By checking the network preferences of my "test" MacBook, I can see the assignment of the IP addresses and they are assigned correctly in all three cases --regular network with Guest off, regular network with Guest on and guest network itself.
When a MacBook accesses the network without the Guest Network turned on (AirPort in Off --Bridge Mode), it gets an IP address from the Windows Server. When the Guest Network is turned on (AirPort in DHCP and NAT mode), it gets an IP address from the AirPort. This happens both when the MacBook connects to the regular network and the guest network. We have setup a separate subnet on each of the 7 AirPorts for DHCP use --subnets 101 thru 107 rather than our standard subnet of 1. I had thought that the MacBook connected via the AirPort to our regular wireless network, getting its IP address from the AirPort, would be passed up line for Internet access.
My test MacBook has full access to both network resources and the Internet on the regular network with Guest off. When Guest on, my test MacBook has access to network resources but not the Internet. With the Guest on and using the Guest network, my test MacBook has no access to either network resources or the Internet.
I am confused about why that MacBook would have access to network resources but not the Internet. And why a MacBook connected to the Guest Network would have no access to the Network resources (a good thing, by the way) but also not have access to the Internet. What is happening to block that Internet access? And how do I fix it?
Keep Up with TechRepublic