The DSL Modem/Router is configured to use public internet addressing in a /29 network.
The WRVS4400N (aka Cisco) is currently configured to provide one network (192.168.5.0/24) for corporate use.
-- Wireless disabled
-- Cisco WAN Port is configured with a valid public, static IP on the /29 network, patch cable connected to one DSL LAN port.
-- Cisco LAN is configured as 192.168.5.1/24, patch cable connected from one LAN port to Linksys switch.
All corporate equipment, including internal servers, are connected to Linksys switch.
I would like to enable the wireless on the Cisco with multiple SSIDs, one for private use (192.168.5.0/24), and one for guest access (192.168.?.0/24).
I do not want the guest SSID to have any access to the private network and vice-versa. This seems to be a common request and a common problem, but no easy solutions.
What I have tried so far
I enabled wireless and created two SSIDs, one private and one guest, both with WPA2-PSK security.
I created a second VLAN (2) on the router and configured it on the LAN page as a 192.168.10.0/24 network with DHCP enabled.
I disabled Inter-VLAN Routing to prevent communication between the two VLANs.
I enabled SSID Isolation on both wireless networks.
I enabled VLAN in the wireless settings, then entered "2" in the VLAN ID field for the guest SSID.
I left the AP Management VLAN as 1, and the private SSID as VLAN 1.
And voila, it worked! For a few minutes.
As soon as any device was connected to the guest SSID, the device would get an IP address in the correct range. Suddenly, the private network would fail, and the Cisco router could not be accessed from any device or port until it was rebooted. Once the Cisco router restarted, everything would work again until someone connected to the guest network again. The switched environment (i.e, everything on the Linksys switch) continues to work, but any attempts to access the internet would fail.
There must be something that I am missing... anyone have any insight or ideas?
Please let me know if you need any additional information.
Have you tried disabling SSID Isolation on the private wireless network? If you make that change you will have a similiar setup that I had for many months with my WVRS440N v2. I did extensive testing with that configuration and found that VLAN 1 (guest network) was never able to access VLAN 1 (private) *that I was aware of*. The only quirk I found was that if I connected wirelessly to the guest network (received an IP from VLAN 2), I would maintain that IP even after disconnecting that connection and connecting to the private network wirelessly.
I discovered that the router is holding on to some settings erroneously, which seem to "activate" when trying to make a connection on another VLAN, regardless whether it is wireless or not. Rebooting the router caused it to work again, until again connecting to any VLAN except VLAN 1.
Evidence is available in the router.cfg file, which may be produced using the "Backup" menu option. Here's an excerpt from the LAN settings portion of the file:
HI Recently I have perched 10 Cisco SG350 28 port gigabit poE switches for my running project . I would like to create my data and voice vlan in the same port where the PC will connect with the phone set.i configured my Dhcp on mikrotik cloud core ro...
Small business owners are willing to try new ways to protect and grow their businesses by innovating, taking risks and pushing boundaries - and technology is a valuable tool to help drive that success.
Learn how Cisco helps small businesses think big and...
This document is attempt to recreate content of original document created by famous @Patrick Born. Cisco has considered to destroy such valuable document for an unknown reason.Cisco SPA series phones and ATAs can use certificate-authenticated HTTPS (SSL) ...
Stay up to date with monthly on-line briefings. Join Customer Connection to register for briefings presented by Cisco product managers who share technical deep-dive product presentations with interactive Q&A.
Catch up on previous new small business p...