Segregate VLAN/SSID and open for just specific IPs/Ports
we created a SSID for Voice WLAN handhelds which is tagged as VLAN 20. VLAN 20 has a /24 192.168.20.0 IP range which is created on a MX100. The MX100 serves this VLAN with DHCP as well.
APs are MR42 with MS225 Switches in between. SSID has PSK WPA2.
No we need to close this VLAN/WLAN down completely and just allow specific IPs/Ports to connect to the cloud based telephone system of the provider. We got a sheet from the provider what to open and allow on the firewall.
Where to configure these rules and how? I find Firewall Config on the MX/Security Tab as well as on the WLAN/SSID Firewall Tab.
What would be the best approach to close a SSID/VLAN down and just open for specific ports?