We are fairly new to Meraki (Wireless - Mostly MR46).
Our previous wireless network (Cisco WLC), we had our guest network on a seperate VLAN (800). The infrastruture gave the DHCP and the data went out a seperate interface on the firewall.
We are looking at using Meraki NAT/DHCP. We have experimented with it and found some of our IOT devices which run on the guest network are not properly working since the firewall rules didn't know the source IP as it uses the AP's IP address. We are willing to change the firewall rules to use the range of AP IP addresses for simplicity sake.
How secure is it to have guest traffic (beyond the IOT devices of course) traversing our production/secure network? All of our APs are on the production network. The firewall is one hop from the default gateway. Is there any concern here? Is there any documentation on how secure NAT/DHCP is?
I'm aware on how the devices are isolated and the "Firewall and traffic shaping" is set to deny any local lan. If it denies local lan, how does it get to the firewall on the same network? I see it working, but I'm wondering about that.
Thank you.
/Alan