We are replacing our old Cisco WLC with Meraki. On the existing Wi-Fi network IP addresses are published from our own DHCP and the Wi-Fi sits on its own VLAN, 10. Clients can then go out to the internet as the firewall has a dedicated port connected to VLAN 10, and outgoing WAN port. This allows us to use the UTM functionality on the WiFi network. I would like if possible to retain the VLAN and firewall setup as is.
I have added a diagram of what I am trying to achieve with Meraki:
1. Create the Guest SSDI to use Meraki DHCP;
2. Set firewall rules to prevent access to the LAN;
3. Assign VLAN 10 to the SSID;
4. Use NAT mode on the SSID.
From what I have read when using NAT mode the LAN IP address will be the address of the AP. That being the case then it would be on the native VLAN, 50 and in theory will not work as the VLAN 10 subnet is 192.168.1.0/24.
I would appreciate some thoughts and guidance.
Thanks
Damian
