because of limitations within IPv6, VLANs and clientless matching in firewall rules I have decided to move away from VLANs.
The requirement is seperate wifi networks for IoT, phones and printers.
I have been experimenting with WIFI SSIDs in seperate zone, doesn't seem to work.
I created a new SSID in seperate zone and assigned it an IP address from the current IoT DHCP. Then created a DHCP server using the same interface in a sub range of the IoT /24. Now that seems silly to me?
Next I tried to add my seperate zone SSID to firewall rules, but it is not selectable and I need to create a new network object with at address range to be able to use the new SSID as a source.
What have I missed? I don't believe I should be able to setup a configuration like this when I really want to isolate the new SSID from the other networks to improve security.
The setup broke my IoT device network even though there are no errors on the logs.
Deleted the test setup and now waiting for normality to return.
Are you trying to add created separate zone interface in firewall rule as a Source or Destination network ? And that is not there. Right?
I was trying to create a seperate wifi zone, which I succeeded in doing, but due to limitations in the current v18 eap3 version I ran into a lot of issues when string to add a security camera and had to delete the entire configuration add another AP and reconfigure the LAN interfaces. Now working mush better than before but still has issues.I think are application based and investigating.