I'm connecting a 1240AG access point to a Cisco 2960 via 802.1Q trunking. The AP (access point) has a BVI1 interface address of 10.19.28.20/24, and it's default-gate is 10.19.28.1 and DHCP requests are handled by the private network's DHCP server. I have 2 SSIDs on the AP, 1 private SSID and 1 guest SSID. The private SSID is WEP encrypted, associated to native VLAN 1 (10.19.28.0/24), it isn't broadcasted, and works well. The second SSID is for guests/customers, unencrypted, broadcasted, associated to VLAN 192 (192.168.80.0/24), and its DHCP requests go to a PIX 515 for assignment. I assigned int fa0.192 on the AP with a 192.168.80.0/24 address and I can ping through the PIX and out to the internet. The problem:
Users that connect to the "guest" SSID receive a 192.168.80.0/24 DHCP address from the PIX, but they can't get anywhere after that. No Internet, can't ping their default gate (192.168.80.1/PIX), and they can't even ping the 192.168.80.0/24 address I assigned to the fa0/192 interface on the AP. I think the problem may be with my gateways (the access-point and private SSID gate is 10.19.28.1, but the "guest" SSID users see a gateway of 192.168.80.1). I attached my AP config for review. Anyone have any ideas? Any assistance would be appreciated.