I am looking to setup wireless access to 2 of my internal VLANs. I am using Cisco 1130AG, PEAP and RADIUS for the authentication as one network is for employees only and one restricted to guests only.
I was wondering which was the most recommended solution.
1. To have 2 SSIDs, with one in each VLAN with the access restricted using the Cisco AV Pair attribute in RADIUS
2. Use one SSID and use Dot1x and the Tunnel attribute to assign the VLAN?
This option I feel is more complicated and I am still unsure how this works in reality as the SSID itself can only be part of one VLAN????
Do I have to configure a Dot11Radio and Fastethernet interface for each intended vlan in this case?
Could someone please explain and suggest their preferred option.