Add Wireless Interfaces for Single Firewalls

You can define a Wireless Interface to use a Single Firewall as a wireless access point.

You can configure one Wireless Interface on a Single Firewall. Wireless Interfaces are only supported on specific Forcepoint NGFW appliances that have an integrated wireless network interface card. Wireless Interfaces are not supported on Firewall Clusters.

You can define several wireless LANs for the Wireless Interface. A wireless LAN is defined by adding an SSID (service set identifier) interface for the Wireless Interface.

  For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Right-click a Single Firewall and select Edit Single Firewall.
    The Engine Editor opens.
  2. In the navigation pane on the left, select Interfaces.
    The Interfaces pane opens on the right.
  3. Right-click the empty space and select New > Wireless Interface.
  4. Define the Wireless Interface properties.
    Note: Use the number of the wireless port on the appliance as the Interface ID of the Wireless Interface.
  5. Click OK.
    The Wireless Interface is added to the interface list.

Next steps

Define SSID interfaces for the Single Firewall.

Wireless Interface Properties dialog box (Firewall)

Use this dialog box to configure properties for wireless interfaces for firewalls.

Option Definition

Interface ID

Select the number of the wireless port on the appliance as the Interface ID. The Interface ID automatically maps to the wireless port on the engine’s wireless network interface card during the initial configuration of the engine.

Country

The country where the Firewall is used as a wireless access point.

Band

The band for the wireless interface access point (2.4 GHz or 5 GHz). The Wireless Mode, Channel, and Width options depend on the band that you select.

Wireless Mode

The mode in which the wireless traffic is transmitted. Select the mode according to the capabilities of the connecting clients. The available modes depend on the selected Band.

If you selected 2.4 GHz as the Band, the options are:
  • 802.11b — 11 megabit wireless-b only mode.
  • 802.11bg — 54 megabit wireless-b and g modes.
  • 802.11g — 54 megabit wireless-g only mode.
  • 802.11n — 270 megabit wireless-n only mode.
  • 802.11bgn — 270 megabit wireless-b, g, and n modes.
If you selected 5 GHz as the Band, the options are:
  • 802.11a — 54 megabit wireless-a only mode.
  • 802.11an — 270 megabit wireless-a and n modes.
  • 802.11n — 270 megabit wireless-n only mode.
  • 802.11ac — 1.3 gigabit wireless-a and c modes.
  • 802.11acn — 1.3 gigabit megabit wireless-a, c, and n modes.
Note: Some wireless clients do not support the 802.11n, 802.11ac, and 802.11acn wireless modes with the WEP security mode.
Channel

The frequency for transmitting the wireless traffic. The available channels depend on the selected Band.

If there are other wireless access points nearby, use channels that are as far apart as possible to avoid interference. The SMC might sometimes select another channel to use the best frequency available. If you select Automatic, the best channel is automatically selected.
Width

(Optional)

The width of the channel. The available channels depend on the selected Band. This option is only available if the Wireless Mode is one of the following: 802.11n, 802.11bgn, 802.11an, 802.11n, 802.11ac, or 802.11acn.
Transmit Power

(Optional)

Select the maximum power of the signal for transmitting the wireless traffic. The power options are shown as milliwatts (mW) and as the power ratio in decibels of the measured power referenced to one milliwatt (dBm). The values available depend on the regulatory limits for the selected country and the channel for the Wireless Interface.

If you are not sure what value to use, leave the default value selected.

MTU

(Optional)

The maximum transmission unit (MTU) size on the connected link. Either enter a value between 400–65535 or select a common MTU value from the list.

If the interface is a Physical Interface, the same MTU is automatically applied to any VLANs created under it.

The default value (also the maximum standard MTU in Ethernet) is 1500. Do not set a value larger than the standard MTU, unless you know that all devices along the communication path support it.

To set the MTU for a Virtual NGFW Engine, you must configure the MTU for the interface on the Master NGFW Engine that hosts the Virtual NGFW Engine, then refresh the policy on the Master NGFW Engine and the Virtual NGFW Engine.
Comment

(Optional)

 A comment for your own reference.