The guest SSID is configured to use VLAN tagging 10. The Bonjoure forwarding is configured with Service VLAN 50 where the printer is connected through an Ethernet port. On layer 3 firewall for the SSID I have allowed only communication with the printer through a /32 address.
In the setting Security & SD-WAN/ Firewall I created a rule Service VLAN 50 , client VLAN 10 and Printers.
I guess this is necessary when the printer is connected on service vlan 50 through Ethernet port?
The strange thing in this configuration is that I can see allot of IP/VLAN mismatch, It´s clients getting DHCP från VLAN 10 who complaines it is associated with VLAN 50. Mainly it MAC Book computers.
Can DHCP on VLAN 50 have anything to do with it? How can it interfere when only the printers ip address is open?
A quick packet capture will tell you what kind of traffic is triggering that alert. I am suspecting it could be the mDNS traffic not being interpreted correctly. Also, do you have any clients in vlan that are on wired? I do not think it has anything to do with DHCP but the packet capture will give you the clarity you are looking for.
If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it