I currently have 2 SG-200-50p's deployed in my network running on a subnet of 192.168.16.x. Our Aironet Access Points have been configured with 2 SSID's, one for internal network on VLAN 1 and one for a public guess access point pointing to VLAN 10. VLAN 1 is my default network with access to everything. I want VLAN 10 only to access my Internet Connection that is currently run on a Linksys WRT54G router but is controlled through Windows 2008 NAT Routing. with dual nics. The WRT54G is a 192.168.1.1 with the network card connected at 192.168.1.5. The internal network is connection on the 192.168.16.3 nic in the server. This configuration can be and more than likely will be changed where the Linksys box plugs straight into the switch and provides its own DNS and gateway functions bypassing the server unless I can't get it to work properly. Basically I want guests to be able to hit a visible accesspoint ssid and access the Internet only by VLAN 10. All other authenticated users hit a non visible accesspoint ssid with WPA security on VLAN 1 and can have internet and regular network access. We were told after visiting with the phone company that separating out the VLANs would be best thing for security while utilizing existing access points. Our switches and our access points all supported VLANS. I am just trying to come up with the best possible way to make this VLAN work with 0 experience setting up the VLAN's other than being able to add them in the switch interface. I am totally lost on the trunking/tagging settings or how I make it all work together.
... View more