Public / private wireless on the same data drop?

A client has 2 existing engenius access points and the wireless is encrypted with users able to access the LAN with no problem.

What if anything would be needwed to allow those same data drops to be used to also allow public access to the internet, but block access to the LAN? Something akin to a tunnel between the access point and the router?

The engenius has the capability to have up to 4 SSIDs with different encryption settings and can specifiy VLANs for each.  But that would require a managed switch in the basement, correct? Would anyone know if the netgear unmanaged managed switches be abl;e to read the VLAN settings from the packets from wireless devices or is it simply port 1 is vlan 1 and p0ort 2 is vlan 2? Is all traffic from a specific port all on a certain vlan?

In the end they want people logged into the SSID wiht the encryptiontt insge to get to the server, but those on the unencrypted wifi to not be able to get into the lan devices.
Who is Participating?
BudDurlandConnect With a Mentor Commented:
You'll need to configure your switch to use VLANs (or have a VLAN capable switch).  The ports the access points plug into will have to be TAG'd for traffic, then assign an SSID to a VLAN.  You'll also have to have some way to get the traffic for multiple VLANs through your router to the internet.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.