This is a problem which has soaked up many hours over the past few days. Currently, our school's LAN does not utilise VLANs. Now, I want to create a VLAN just for WiFi use. I've created the following VLAN on the SonicWall NSA 250M router:
which automatically enabled it's own DHCP scope: 192.168.0.2 - 254 on the X0:V100 interface. On the Cisco SG200 Layer 2 switch to which the WAP is connected, I added the same VLAN. For testing, I have a PC on the future WAP port (no.47). So, apart from that, it now looks like this:
What I want to do:
I want this PC (future WAP) to exist on this new 192.168.0.x subnet and have clients access only the internet, not any servers, etc. on the existing 192.168.1.x LAN.
Problem I'm having:
No matter what settings I use on port 47, either nothing changes regarding subnet and access to resources, or, it's completely isolated from everything including the sonicwall router.
What I've tried:
All LAN ports are set to "excluded" for VLAN 100 by default, so I've tried setting port 47 to both tagged and untagged. For VLAN 1 (where all ports are "untagged" by default) I've tried setting port 47 to both forbidden and tagged as below:
I've also tried setting the "interface settings" for 47 to be trunk (default for everything), General and Access (with the various frame type options).
I've researched this thoroughly, but can't find where I'm going wrong. Questions I have would include:
What interface should each involved port be? general, access, trunk or customer?
If general or trunk, what should the PVID be?
If general, should it be Admit All, Admit Tagged Only or Admit Untagged Only and should Ingress Filtering be enabled?
For each of VLANs 1 and 100, what should the settings be for each of ports 47 and 48?
Is there anything else I need to do on the Sonicwall? Firewall settings perhaps?
Any help would be much appreciated as I have very little hair left to tear out.