I have a customer who is currently using an Aironet wireless solution. Each WAP carries two SSIDs, a public and a private. We push the public over a vlan that's tied to an DMZ interface on their firewall to separate it from the private/Internal network.
I'm suggesting they switch to Meraki for their wireless and want to make sure I understand how I will segregate those public and private SSIDs. Can the Merakis do the same thing where the WAP connects to the switch infrastructure via a trunk link that carries separate vlans for public and private?
Or, with Meraki wireless is there a better way of doing this?
Thanks,
Ben
If you make 2 SSID's you can make one: Bridge mode: Make clients part of the LAN. You can use a trunk port for carrying your VLANs and then you can make the "Public" part use Meraki DHCP where no clients can communicate.
I particularly like the solution of using Meraki DHCP as that is what I do here. Its easy and offers plentiful addresses and easy way of throttling the clients if necessary.
Funny how often I feel the desire to throttle clients . . .
Hi Ben
This is very much possible with Meraki.
However you may also consider the approach suggested by @kYutobi.
This link should help you with setup.
There are two ways you can do with Meraki
1. 2 SSID with 2 Vlan (1 Vlan for Public, 1 Vlan for Private).
2. Meraki also have Nat mode for SSID, If you use Nat mode the client traffic only go to the gateway and can't connect back to local.