All, I found a few similar threads on this topic, but none of them completely addressed the core question. I apologize in advance for the repost.
We are using a single 3600 controller with 5 different SSID's. Two of those SSID's are using Captive Portal and the internal database for authentication. The others are all WPA-PSK. Let's just call the two SSID's in question "Employee" & "Guest" Currently, guests and employees are able to login to either CP because they are using the same Internal Database.
Can this be prevented? I realize we could combine the two SSID's into one & use roles, BUT we need to have each SSID on a seperate VLAN.
#3600