I am looking to set up guest wireless access at my office. I am using Cisco 4410N wireless access points. I know that they can support VLANs and so I can add a 2nd SSID with different security from my current work SSID. What I am unclear on, is how the guest machines will get ip addresses and get to the internet.
My assumption is that I will need a managed switch and set up trunking on the port that the WAP is connected to, allowing both VLANS through the switch. People on the work wifi will get ip addresses via DHCP from our windows server. The guest wifi will be on a different subnet. Do I set the windows server to give out the addresses for the 2nd subnet also? Would the server have to also be on that subnet to give out those addresses? If that is the case, my security scenario is crushed.
What is the best way to do this with the equipment that I have?