Hi.
So I have a configuration problem here that I cannot get figured out and it would be nice to get some guidance please. Configs below are all hypothetical.
I have two utm's in ha config. These connect to a network of about 10 switches with multiple vlans on them. One of those vlans is the mangement vlan and is used only for network devices and servers that need to be manged. The other vlans are for different departments or networks that need to be segregated. I have multiple sophos wifi networks published over multiple sophos ap's.
My question is this. Is it possible for clients that connect to a specific wifi network(ssid) to be connected to a specific vlan? Ideally I want to connect the ap's eth0 port to the management lan but vlan for traffic for the different vlans to be handed of to their respective vlans. From a switch perspective this is not a problem but I cannot find difinitive documentation that tells me the ap's can do this.
I.E: Admin lan network is vlan 10 with subnet 192.168.1.0, admin wifi is ssid wifiadmin published on ap1, ap2 and ap3. the admin staff need to be on the admin lan when connected to wifiadmin.
dev lan network is vlan 15 with subnet 192.168.2.0, dev wifi is ssid wifidev published on ap3 and ap4. the dev staff need to be on the dev lan when connected to wifidev.
I see vlan tagging can be enabled on the wifi network but if my understanding is correct this means that the eth interface of the ap will then be connected to a specific vlan and may not allow for the above configuration.
In my understanding the following is true:
Seperate zone - This won't work as then you need a seperate subnet.
Bridge to AP Lan - This won't work as it will only connect clients to the lan connected to eth0.
Bridge to VLAN - This sounds like the correct configuration but i get an error that the ap vlan configuration is not correct.
This thread was automatically locked due to age.