Configure Cisco 1602i Access Point with a second SSID (Guest Network) and configure DHCP on the switch

I added a Cisco 3750 switch to our network, it's connected to the first switch on trunk interface G0/1 allowing all vlans
I connected a Cisco 1602i Stand alone Access point on interface Fa1/0/1 on the new 3750 switch and changed the interface to a trunk
We have vlan1 for data with a DHCP server and vlan2 for Voice with another DHCP server.
I configured the access point and it's working fine connecting users to our vlan1 network and the DHCP server provide the network info.
I would like to configure a second SSID for guests, the DHCP server for clients connecting to it would be the 3750 switch I added, and I would like them not to be able to reach our vlan1 network

Thanks for your help
Yucel AltingozAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

djcanterCommented:
Create the SSID and assign it to vlan2.

What is going to route vlan 2 past the 3750 ?

I would start be creating the default route on the 3750 to be the gateway on vlan 1.
Then configure the vlan1 router to route vlan2 subnet to the 3750 vlan1 ip address.
Then configure NAT on the router for vlan2 subnet to access the internet.
0
Yucel AltingozAuthor Commented:
the 3750 switch is connected to a 4507 switch.
I do not wish to use Vlan2 it's already configured for Voice.
the 3750 already has a default gateway and data and phones are working normal.
I would like to add a guest network on the access point on a new vlan that does not reach our network.
the DHCP server for the new vlan will be the 3750 switch.
0
djcanterCommented:
sorry i mistyped. as you already have vlan2 in use, use any other vlan id for the new vlan, but the other principles still apply.
to prevent access to your other networks, you will need to use ACLs on the 3750.
0
ON-DEMAND: 10 Easy Ways to Lose a Password

Learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees in this on-demand webinar. We cover the importance of multi-factor authentication and how these solutions can better protect your business!

Craig BeckCommented:
djcanter's solution is valid but you need to be absolutely sure your ACL is correct.

I would use a different router completely for the Guest VLAN (same switches, different router - to be clear).  This would allow you to connect the Guest network straight to an internet feed (or a DMZ), bypassing your internal network.
0
Yucel AltingozAuthor Commented:
I found a link that explains how to do it and it worked for me successfully.
I thought I would share it with you.

http://www.definit.co.uk/2011/06/configuring-guest-wireless-network-restricted-access-production-vlans/

Thanks for your help
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
djcanterCommented:
The link provided the same info as I did.
0
Yucel AltingozAuthor Commented:
I found a link that goes step by step and followed it successfully
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Wireless Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.