The DSL Modem/Router is configured to use public internet addressing in a /29 network.
The WRVS4400N (aka Cisco) is currently configured to provide one network (192.168.5.0/24) for corporate use.
-- Wireless disabled
-- Cisco WAN Port is configured with a valid public, static IP on the /29 network, patch cable connected to one DSL LAN port.
-- Cisco LAN is configured as 192.168.5.1/24, patch cable connected from one LAN port to Linksys switch.
All corporate equipment, including internal servers, are connected to Linksys switch.
I would like to enable the wireless on the Cisco with multiple SSIDs, one for private use (192.168.5.0/24), and one for guest access (192.168.?.0/24).
I do not want the guest SSID to have any access to the private network and vice-versa. This seems to be a common request and a common problem, but no easy solutions.
What I have tried so far
I enabled wireless and created two SSIDs, one private and one guest, both with WPA2-PSK security.
I created a second VLAN (2) on the router and configured it on the LAN page as a 192.168.10.0/24 network with DHCP enabled.
I disabled Inter-VLAN Routing to prevent communication between the two VLANs.
I enabled SSID Isolation on both wireless networks.
I enabled VLAN in the wireless settings, then entered "2" in the VLAN ID field for the guest SSID.
I left the AP Management VLAN as 1, and the private SSID as VLAN 1.
And voila, it worked! For a few minutes.
As soon as any device was connected to the guest SSID, the device would get an IP address in the correct range. Suddenly, the private network would fail, and the Cisco router could not be accessed from any device or port until it was rebooted. Once the Cisco router restarted, everything would work again until someone connected to the guest network again. The switched environment (i.e, everything on the Linksys switch) continues to work, but any attempts to access the internet would fail.
There must be something that I am missing... anyone have any insight or ideas?
Please let me know if you need any additional information.
Have you tried disabling SSID Isolation on the private wireless network? If you make that change you will have a similiar setup that I had for many months with my WVRS440N v2. I did extensive testing with that configuration and found that VLAN 1 (guest network) was never able to access VLAN 1 (private) *that I was aware of*. The only quirk I found was that if I connected wirelessly to the guest network (received an IP from VLAN 2), I would maintain that IP even after disconnecting that connection and connecting to the private network wirelessly.
I discovered that the router is holding on to some settings erroneously, which seem to "activate" when trying to make a connection on another VLAN, regardless whether it is wireless or not. Rebooting the router caused it to work again, until again connecting to any VLAN except VLAN 1.
Evidence is available in the router.cfg file, which may be produced using the "Backup" menu option. Here's an excerpt from the LAN settings portion of the file:
This Chat covers the intersection of technology and social impact from community to global levels. Learn how digital maturity accelerates SMB growth and profits that can fund social programs and enable sustainable business practices like remote work.
This Chat covers the intersection of technology and social impact from community to global levels. Learn how digital maturity accelerates SMB growth and profits that can fund social programs and enable sustainable business practices like remote work. We'l...
Join us live on Thursday, April 29 at 10 am PT as we discuss how the pandemic affected non profits and find out what their secret weapon was to weathering the past year. Our guests will share how giving back during this challenging time actually enabled t...
Join us live on Thursday, April 29 at 10 am PT as we discuss how the pandemic affected non profits and find out what their secret weapon was to weathering the past year. Our guests will share how giving back during this challenging time actually enabled ...
Discover the cybersecurity strategies that small and midsize business (SMB) leaders are using to thrive in today's ever-evolving threat landscape.
The Cisco Cybersecurity Report Series is a collection of thought leadership studies. This spin-off from our...