I've got a Sonicwall NSA 240 running the most recent production OS. I have 6 brand new sonicpoints. I have created two WLAN's named VAP-Secure & VAP-Guest. All sonicpoints serve both WLAN's.
I want to use a MAC address filter for access to VAP-Secure WLAN and deny that same list access to the Guest WLAN. At the end of the day this would allow anyone except employees to connect to the Guest WLAN.
Unfortunately it looks like I can't have a separate ACL for each SSID. It's either ONE allow and/or deny list for ALL SSID's! Am I right?
Is my only option for my Secure WLAN to create a group based on MAC addresses and simply deny access via a firewall? How dumb is that? People could still attach to the WLAN but they wouldn't be able to go anywhere. I suppose it's better than nothing but is that really my only option?