I am trying to set up a separate VLAN to go to a separate WAP in my network, so I can provide guest internet access without my production network being visible. I’ve set it up, but it is not working.

I created a sub-interface for the new VLAN (VLAN 12) on my ASA5510 firewall. The new VLAN is 172.27.27.0/28, for example. I gave it an IP on that sub-interface of 172.27.27.1. Then, I connected the WAP and configured it to be on that VLAN and subnet. I found out the WAP isn’t DHCP (server) capable, so I set the ASA to act as the DHCP server for that VLAN. I connected a laptop wirelessly and it received an IP address from my normal inside DHCP server…??? How did it do that??? Also, I could get out to the internet and see the rest of my network.

So, then I set the port on the switch that the WAP is connected to, to be on that VLAN only, and now my laptop won’t get an IP at all. So, just to see if the rest of the configuration is good, I statically assigned an IP address for that subnet on my laptop and I could see the WAP, but not the firewall. I tried pinging the sub-interface on the firewall and couldn’t. Also, I can ping the WAP, but I can’t actually access it via the web interface. But, if I leave that 172.27.27.x static address on the laptop and connect to my production wireless, I can get to the web interface of the WAP, but nowhere else. I’m not sure where I went wrong here. Any thoughts?
Thanks!!!
Mark