
AP55Cs + SG135, need a guest SSID that can access ONE specific LAN resource, cannot fathom how!

I have a pair of AP55Cs controlled by an SG135 in a branch office. All works well: a guest network for phones on a different DHCP range configured by the wizard, plus a 'staff' SSID with bridged access to LAN resources. DHCP for the LAN also happens to run on the firewall, as there are no servers there (branch office).

I now have a requirement for guests to be able to access one PC. It is one running Apple TV/screencast/projector server software and is hooked to a giant TV. That software must initially announce itself to clients by broadcasting on its subnet, so I need a new wifi for guests that can be on the same LAN network as that PC, be able to talk to said PC (on a fixed IP), but not get to anything else.

If I had old-fashioned access points and SSIDs separating things with VLANs and separate DHCP servers, I'd happily set up firewall rules on the routing device between the networks to allow things from the relevant range for guest2 <-> SpecificPC_IP. But I can't quite work out how to do it with the SG135 + AP55Cs; hopefully I just don't quite get how the WLAN 'interface' really works, or am missing a trick somewhere.

If I create a new DHCP range for the WLAN interface, it will only allow it to be on the same subnet as is defined on the interface, and hence different from the LAN, so the broadcasts won't get to clients. If I set up the SSID to be 'bridged to LAN' and hence let it have an IP on the LAN, I could get the traffic working, but that network would also be able to reach EVERYTHING on the LAN, as the wifi clients would get unknown IPs on the LAN segment and so I couldn't build a rule to shape their traffic.

Thanks!!



  • Since you need broadcast traffic you are right that you need to be in the same physical subnet as your cast device. However, if this is the same subnet where your local PCs also reside (and need to be in), then I think this is not manageable from within UTM.

    I think you could do something with, i.e., a Cisco switch as your LAN switch and then configure Access Lists on the Cisco switch to allow clients to only access this device.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.
