Looking to get our guest and BYOD users access over wireless to the corporate AV VLAN. Our guest and BYOD users are on SSIDs using NAT mode (Clients receive IP addresses in an isolated 10.0.0.0/8 network.) Our corporate AV VLAN contains our Sonos speakers. This is on a VLAN using a different IP scheme (172.X.X.X). Within the firewall and traffic shaping rules for the SSIDs, what's the ideal way to allow those devices access? I've attached a screenshot of what it's at. I realize it is deny, but what would be the correct way to allow traffic from 10.0.0.0/8 to 172.X.X.X/24 for our Sonos to be reachable for employees to access? We want to keep them from accessing anything but that AV VLAN.
... View more
