I'm trying to separate a wireless guest network from an internal network.
I made a little drawing of what I did to separate it:
Before, there existed no VLANs so this is what I'm trying to introduce.
Right now the whole .2.x network (no/default VLAN, green) is working. I just can't get the mobile clients to connect to any further than the distant end of the access point (named "WLAN Router" in the drawing).
So ping from a wireless client to the access point is fine (.1.5), ping to the distant side of the access point is fine (.2.2) but I can't reach the Cisco switch (.2.106). All devices use .2.1 (internet router) as a gateway, subnet masks are /24.
From what I understand all access ports should be untagged (here, there is only one which is not on the default VLAN) and the trunk between the switches should be tagged, no? (BTW: VLANS 1 & 5 both go over the trunk)
What am I missing here?
I hope I provided enough explanation.
.1.x
network? And are you trying to prevent.1.122
from having access to the.2.x
hosts?.2.1
And yes, public/guest is the.1.x
network which should be prevented from accessing the.2.x
network