I'm attempting to setup my wireless to allow guest access. I've gotten my AP setup with two VLANs 40 and 41. 40 will be used by internal users and 41 will be for vendors, consultants etc. I have a Cisco 3560 L3 switch that I'll be configuring. I'm wanting to block access to all my network servers and such for those users on the 41 subnent, however I do want them to have access to the Interent. I'm having some issue with putting together the correct ACL for this because the 41 users will need to use DNS, and obtain a DHCP address to get to the Internet. The network servers are on Vlan 36.
Subnets: 192.168.36.0, 192.168.40.0, and 192.168.41.1