Hi, so we are looking to deploy some IAP225's in controllerless mode with multiple SSID's.
We currently have an internal network 10.201.6.x that is on VLAN 1 of our internal network and have now configured VLAN 2 with the address space of 10.201.5.x which would be our employee personal access network.
The 10.201.6.x network provides DHCP to internal clients while the 10.201.5.x is just a gateway to our DMZ so DHCP is being provided by the IAP with an address space of 192.168.2.x
Clients can connect to both SSID's and get addresses in the respective DHCP scope and the clients that connect to the 10.201.6.x network get full connectivity to our company network - this is as desired.
The issue is that when a client connects to the 192.168.2.x network it gets an address but it looks like traffic ends up back on our internal 10.201.6.x which is not desirable.
I have changes the "default_wired_port_profile" to be on both VLAN's in trunk mode and brought the profile up as it was marked as down but it looks like there is more that we need to do.
What I would like is for the AP to behave like this:
SSID: Company -> 10.201.6.x with DHCP coming from company network providing full access to corporate network
SSID:Personal -> 192.168.2.x with DHCP from access point providing access to internet with gateway address 10.201.5.1 off corporate firewall.
Both networks traverse a VLAN trunk - currently with VLAN 1 & 2 and VLAN 1 is the native VLAN.
I am attaching our AP config for reference
Thanks in advance for the help
Jack