Hi folks,
because of limitations within IPv6, VLANs and clientless matching in firewall rules I have decided to move away from VLANs.
The requirement is seperate wifi networks for IoT, phones and printers.
I have been experimenting with WIFI SSIDs in seperate zone, doesn't seem to work.
I created a new SSID in seperate zone and assigned it an IP address from the current IoT DHCP. Then created a DHCP server using the same interface in a sub range of the IoT /24. Now that seems silly to me?
Next I tried to add my seperate zone SSID to firewall rules, but it is not selectable and I need to create a new network object with at address range to be able to use the new SSID as a source.
What have I missed? I don't believe I should be able to setup a configuration like this when I really want to isolate the new SSID from the other networks to improve security.
Ian